Cybercrime Now Worth $105 Billion, Bypasses Drug Trade

Stony Stevenson writes "Citing recent highly publicized corporate data breaches that have beset major companies like Ameritrade, Citigroup, and Bank of America, McAfee CEO David DeWalt, said that cyber-crime has become a US$105 billion business that now surpasses the value of the illegal drug trade worldwide. Despite the increase in government compliance requirements and the proliferation of security tools, companies continue to underestimate the threat from phishing, data loss, and other cyber vulnerabilities, DeWalt said. 'Worldwide data losses now represent US$40 billion in losses to affected companies and individuals each year, DeWalt says. But law enforcement's ability to find, prosecute, and punish criminals in cyberspace has not kept up: "If you rob a 7-11 you'll get a much harsher punishment than if you stole millions online," DeWal remarked. "The cross-border sophistication in tracking and arresting cyber-criminals is just not there."'"

McAfee?

[parcel]

McAfee CEO David DeWalt, said that cyber-crime has become a US$105 billion business that now surpasses the value of the illegal drug trade worldwide. erm, conflict of interest?

Maybe this isn't true

[Centurix]

Maybe drug dealers are getting smarter.

Uhhh, wtf?

[QuantumG]

"If you rob a 7-11 you'll get a much harsher punishment than if you stole millions online," DeWal remarked. "The cross-border sophistication in tracking and arresting cyber-criminals is just not there." Yeah, it's the difference between a violent crime and shifting some numbers from one table in a database to another.

What an idiot.

Re:Uhhh, wtf?

[clarkkent09]

Is it really that clear-cut that violent crimes should be punished more harshly than non-violent "white collar" crimes? An employee of a 7-11 who gets held up suffers some stress (unless he gets shot, but that's rare) and the company loses a few hundred dollars. I would say that people responsible for the Enron fraud for example caused much greater suffering to more people (who lost their life savings, pensions etc) than a crackhead who robs a 7-11.

Re:Uhhh, wtf?

[QuantumG]

The purpose of prisons is to separate those who are a danger to society from society.

As much as I believe those responsible for the Enron disaster are a danger to society, they can be neutralized simply by prohibiting them from being directors of companies ever again.

Re:Uhhh, wtf?

[QuantumG]

Yeah, the whole "we'll be complete assholes to you so that other people think twice before doing what you did" thing. It's barbaric.

Re:Uhhh, wtf?

[ZorbaTHut]

Sadly, some incentive to others to not follow in the person's footsteps is often helpful. Many people aren't fundamentally good - they're fundamentally selfish, and any legal system that doesn't take this into account is doomed to failure.

If I had some way to push a button and take one dollar from every American in the country, with a 5% chance of getting caught and no penalty besides losing the money I'd gained, I'd honestly probably push it. If the penalty was instead 80 years in prison, I wouldn't. Penalties are important.

Re:Uhhh, wtf?

[ZorbaTHut]

If the lost money causes two people to starve to death, or 100 people to die one year earlier than otherwise due to slightly inferior medical care, then you could easily argue that the lost millions is indeed a great cost than a single murder.

If you want a real challenge, try to figure out exactly how much emotional pain and depression is equivalent to one murder.

Bypasses drug trade?

Bypass: A means of circumvention.
Surpass: To be or go beyond, as in degree or quality; exceed.

This number

[symbolic]

...sounds like it was pulled out of someone's ass. I don't deny that there's a problem, but what concerns me is that this "number" could very well become another excuse for the government to pursue "solutions" that are even more invasive than our current crop of 9/11-related idiocy.

Re:This number

[Dunbal]

but what concerns me is that this "number" could very well become another excuse for the government to pursue "solutions" that are even more invasive than our current crop of 9/11-related idiocy.

      Everyone knows those cyber-terrorists are building weapons of mass destruction. You are either with us or against us, you liberal cyber-terrorist facilitator...

      You know, the scary thing is it's almost not even funny anymore.

Shift emphasis

[Harmonious+Botch]

Legalize drugs for consenting adults, and put the crime-fighting resourses to use stopping cybercrime.

Windows to blame?

[Orthuberra]

Maybe they wouldn't be hacked so much if they used a secure operating system?

Drugs vs Cybercrime

[RancidPickle]

If you think about it, this makes perfect sense. Why risk getting 'capped' picking up ten bricks of heroin, risk getting snagged at some border transporting the bricks, and getting it home, just to get shot by your partner, when you could sit at some Starbucks, sipping a Venti White Chocolate Mocha and rake in tens of thousands of dollars.

Pushing ones and zeros are safer than pushing dope. No wonder organized crime has delved into the digital world.

The Courts

[photomonkey]

I agree that cybercrime is a huge problem (although I don't buy that it's more of a problem than illegal drug trade). At the very least, it is a crime on a lesser level because no one is placed in danger of physical harm through it's effects.

Cybercrime, as well as other crimes, should be punished according to the level of damage caused.

With that in mind, the current US court systems cannot seem to wrap their heads around the tactics and ideas put forth in the discovery period of civil copyright cases. There is a common misunderstanding or complete lack of understanding on the part of most of society in the ways of computers and networking.

At this point, I doubt very seriously that most of the accused and prosecutors have the knowledge or ability to fairly fight a cybercrime court case.

In physical, there is always some level of evidence present to tie a suspect to the crime. In the land of computers, it's much more difficult to do so. Where a physical bank robber can wear a mask or clothing to conceal identifying aspects of his physical person. But there remains at the scene hairs, fibers, eyewitness accounts, surveillance tapes and other evidence that helps to narrow down the criminal.

With cybercrime, the 'break-in' can happen from thousands of miles away without the perpetrator ever setting foot, or having ever previously set foot on the premises. There is no physical description, no chemical or biological evidence left behind. The attack could come from a public terminal at a library, or even someone's open (or hijacked) wireless access point. Through the use of zombie computers, the attack could come from my mother's computer.

How can we expect to catch, let alone prosecute cybercriminals without special law enforcement and prosecution/defense attorneys and judges capable of fairly trying people like my mother or the guy who used her computer to break into the Bank of America system?

Fabricated Numbers

[Rothfuss]

I don't want to belittle the impact of cyber-crime, but this $105 Billion number is just fabricated to make the problem look large. On the other hand, the numbers for drug trade are basically an estimated amount of drug sales.

Drug numbers are *real* numbers. They still may not be accurate, but at least they represent the summation of finite transactions - like the global automobile trade, or the global whale oil trade. It is a sales number.

Cyber crime is a 'damages' number. Like the woman that spilled hot coffee on her leg and sued McDonalds for several million dollars in 'damages'... and at least she had a specific amount of damages ruled in her favor. The trumped up cyber-crime numbers... along with the RIAA numbers... are just manufactured because it is handy to provide very large numbers if you are on the side of the people producing the numbers.

What I would like to see is how many $$s were actually phished last year? How much did the Nigerians actually rake in by claiming to be my/your/her/his brother in law or trusted barrister?

Bypasses?

[DrJimbo]

Cybercrime passes, or even surpasses drug trade but I don't know why you think cybercrime "goes around" drug trade.

Forgive me for being an English Nazi but jeez Louise, have they now outsourced Slashdot editing to people who don't speak English?

Short memory?

[suv4x4]

Just go back two articles and we see that the industry lied blatantly about the $40 billion losses of piracy in Canada, and that such numbers are hard or impossible to obtain. And in other news "cyber-crime has become a US$105 billion business"...

Do we ever learn?