McAfee Exaggerated Cost of Hacking, Perhaps For Profit

coolnumbr12 writes "A 2009 study (PDF) by the McAfee estimated that hacking costs the global economy $1 trillion. It turns out that number was a massive exaggeration by McAfee, a software security branch of Intel that works closely with the U.S. government at the local, state and federal level. A new estimate by the Center for Strategic and International Studies (and underwritten by McAfee) suggests the number is closer to closer to $300 billion (PDF), but even that much is uncertain. One of McAfee's clients, the Department of Defense, has used the $1 trillion estimate to argue for an expansion of cybersecurity, including 13 new teams dedicated to cyberwarfare. Despite the new data, Reuters said McAfee is still trying to exaggerate the numbers." The $1 trillion study has seen other criticism as well, so the new data is a step in the right direction.

News at 11?

[Mitreya]

McAfee Exaggerated Cost of Hacking, Perhaps For Profit

... perhaps?

Re:News at 11?

[Mr0bvious]

Perhaps if you include the amount paid to virus protection rackets (McAfee et al) it may just reach or exceed that $1 trillion...

 

Re:News at 11?

[hairyfeet]

Well I got to say most of us little shop guys certainly profit from McCrappy, we get paid to remove that shit because its fricking worse than the malware! You want to see a laptop grind to a fricking halt use McCrappy or Norton and just watch the cycles get wasted.

So TFA really doesn't surprise me that they are pulling shady shit as their products are frankly more of a PITA than a lot of the infections I've seen of late. You want to know which AVs to avoid? Norton, McCrappy, and I'll get hate for saying this but I'd add MSE to that list. what I've found is that MSE is really more of a placebo, you give it to those that already follow best practices and it'll make them feel more comfortable but it really doesn't do much and usually scores at the bottom of most tests. Honestly that shouldn't be a surprise to anybody as it was originally called Giant AntiSpy and was made to keep spyware and toolbars off, NOT worms and rootkits and viruses.

If you want a good AV that doesn't cost a dime? Here in the shop I've both tested the AVs myself as well as seen how well they work based on my customers and I'd say Comodo Internet Security and Avast Free are both REALLY good. Comodo is for your geeks as it has really REALLY fine grained controls and you can customize the hell out of it, although frankly you don't have to as for the past few years the defaults have been sane and well thought out. For your non geeks, your average Joes and Janes? Avast Free works really well, it holds their hand with info bubbles in English instead of geek speak, has a built in software updater that will warn you when your third party stuff is out of date, and its UI is REALLY simple and straightforward.

So do us all a favor and don't reward bad behavior by buying McCrappy, not only are they pulling numbers out their behinds but their AV ties a boat anchor on the system.

Re:News at 11?

[davester666]

Next up...losses by big media due to copyright infringement...

Re:News at 11?

[dingen]

What do mcafee and the anti-virus mafia bring to the US economy per year?

I wouldn't be surprised if the combined time a virus scanner takes away by using system resources and asking users for updates and other stuff is more than the time it saves by blocking malware and viruses.

Cyberwarfare?

[Mitreya]

Department of Defense, has used the $1 trillion estimate to argue for an expansion of cybersecurity, including 13 new teams dedicated to cyberwarfare.

What exactly is this "cyberwarfare" that I keep hearing about?
Who are we fighting? What are the objectives? When will it end?

Re:Cyberwarfare?

[sandytaru]

Other countries and organizations are trying to hack into the US (so they say.)

We are fighting them on our own electronic turf - "they" being primarily North Korea, China, and Russia (so they say.)

The objectives are to protect the personal data of the citizens of the United States (the NSA is doing quite enough spying already, after all) and state secrets (which is why they're so pissed at Snowden since they spent all that money trying to stop China from getting shit and he just handed them a laptop. Doh!)

It will never end.

Re:Cyberwarfare?

[datavirtue]

...repeatedly in sci-fi over many decades of an elite under whose aegis..

X-Files came off as ridiculous most of the time but the main story line, which was often nestled in between stupid ad-hoc urban legend episodes, was based on an inner cell of powerful individuals (starting with the Joint Chiefs of Staff) who arranged to kill JFK (they were anti-communists who were totally pissed off after JFK cancelled the invasion of Cuba after these guys spent half their career preparing for it) and remained in power for a generation afterward operating in the shadows. Sent chills up my spine as one of the most plausible JFK assassination theories I have ever heard. It had the "ring of truth" to it. Not claiming it is true, but I found the main story line of X-files compelling with the filler episodes being totally stupid (although the main storyline ends rather far-fetched, the beginning--fleeting compared to the length of the series--was chillingly plausible).

McAfee study challenges McAfee study?

[Trepidity]

If I get this correct, this is the original study being challenged:

A 2009 study (PDF) by the McAfee estimated that hacking costs the global economy $1 trillion.

And here is the new evidence:

A new estimate by the Center for Strategic and International Studies (and underwritten by McAfee) suggests the number is closer to closer to $300 billion

So this is two different McAfee-funded studies dueling it out?

mcafee is POS software anways

[Joe_Dragon]

mcafee is POS software anways

It actually is a trillion dollars

[symbolset]

Further on they say global losses are "probably" in the "range" of $300 billion.

These are the losses - data loss, the costs of identity theft and notification. If you want to count the cost of the Windows malware ecosystem you have to include both the losses and the cost of defense. That's all the costs of data losses, the entire revenues of all antivirus, firewall, next-gen endpoint sofware companies including the (now Intel) McAffee. These things cost money, and without the Windows monoculture they could not persist.

I have long said that the cost of the Windows malware ecosystem far exceeds Microsoft's own revenues. This is proof. The cure is easy: Don't run Windows. You can choose to not have this problem. You can opt out. Google did. If someday your choice of other OS becomes also so infested because it has become too popular and its developers lose track of security you can choose another. The OS isn't really that important anyway.

Re:It actually is a trillion dollars

[sandytaru]

The OS is damn well important if you're trying to play a current gen video game. *sigh*

Re:It actually is a trillion dollars

[symbolset]

If you're running AV then the fraction of expense committed to defense has to be at least 50% of your desktop IT spend because that's how much of a PC's capacity modern AV takes - even though it doesn't work.

Black projects and classified losses

The real number might be closer to the $1T if we allow for the cost of losses that have not been released due to the very existence of the project being secret. They never would have admitted it at the time if a spy had compromised the Manhattan project. Do you think it is any different today?

About $2.5 billion

Cyber war needs cyber casualties, $300 billion is hugely inflated too.

Take out the cost of basic security, which should already be part of business, you don't count the cost of the locks on your doors as losses due to theft, yet these inflated numbers always count the cost of basic security as a loss due to hacking.

The reason this number is hugely inflated is because it's part of the cyber-war justification. If you want a big budget (NSA gets $10 billion? $20 billion? 30?) then you need to be able to inflict casualties. They need to exaggerate a threat from script kiddies to justify that.

Credit card and bank fraud is about 1% of online sales, so it won't be much bigger than that. So 1% of 250 is $2.5 billion:

http://techcrunch.com/2010/03/08/forrester-forecast-online-retail-sales-will-grow-to-250-billion-by-2014/

No different than...

[msauve]

Law enforcement's take on drugs which often (always?) values things based on the sale of minimal quantities. Busted a couple of tons of pot? Value it based on the highest value of selling joints on the street.

It's all lies, meant to justify their existence.

But nobody can exaggerate how crappy

[EmperorOfCanada]

But nobody can exaggerate how crappy their bloated, pile of dung, machine slowing, worst-possible-time pop-up, fear mongering, computer newb fooling, circle of garbage really is.

In the future when people are writing case studies about the PC industry they are going to point a huge finger at the bloated trialware business model that has ruined the experience of buying a new computer. Basically consumer PCs are sold profitless. Then the companies hope that a certain percentage of the fools buy one of these piles of snot software packages of which the manufacturer gets a significant cut. Profit.

But the end result is that non-tech people unwrap their shiny new machine only to find all kinds of confusing icons for music services, media services, a trial for MS Office, and the worst... some AV pile of vomit. The AV vomitus will then tell them that they need to subscribe to their service otherwise the machine will be more infested than a street-walking Bangkok lady-boy.

Some defenders will scream, "If they don't want it then they can uninstall it." But the simple reality is that your average computer buyer from Staples is 100% unable to uninstall it thus will have this software threatening them every time they look at the screen.

I don't know how many giant screens or kiosks that I have seen screaming about the subscription running out.

But then the next layer of pain is that nobody hardly trusts these popups. With people like myself saying, "For the love of all that is good don't buy that crap." So now how can they distinguish between some AV crap trying to scam them and just their OS telling them that they should install the update.

Then people like myself come along and see that they are about 3 years behind on their updates because they were to scared to ever OK the updates. Their Adobe Flash is 4 versions out of date and their browser is running a beta of this new Javascript thing. So the fear caused by the bloatware AV has now caused them to allow their machine to become woefully insecure.

The alternative is that they blindly trust everything that seems helpful resulting in so many toolbars that they are left with around 1 inch of working browser and their machine takes 5 minutes and 8 casino ads to boot up.

So to me these AV types are not just the scum they obviously are but an insidious destroyer of the PC industry.

The best part is how people have been leaping to smart-phones to get away from desktops that scare them only to find many of the Telcos have installed "Helpful" software that points to obscure music/ringtone services, custom search engines, and other things that no doubt send a kickback their way.

Re:UPDATE:

[MightyMartian]

New study proves only more peanuts can cure peanut cancer!