Declining cost of malware attacks?

  1. #1
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190

    Declining cost of malware attacks?

    This is rather interesting; apparently the annual cost of corporate malware attacks has been declining over the past couple of years:

    Story:

    http://home.businesswire.com/portal/...00639&vnsId=41

    I guess this is in line with the reported change of emphasis by malware authors from disruptive to commercial gain?

    I also suspect that the drop of $4.5 billion is more than made up for by the increase in computer-based fraud.

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Is it more that perhaps fewer corporations are reporting it? Bad news can have an adverse effect on the stock market and company confidence. I'm still curious as to what the CSI/FBI survey will say this year when it's released.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Yes, that is a thought, but I think that the way these incidents are reported has some influence?

    Traditional malware attacks don't seem to get reported by specific victim. That is usually DoS attacks, frauds, server compromises and leaking customer confidential information. Certainly not good for your corporate or institutional image.

    Here is Kaspersky's analysis of what was going the rounds for May 2007:

    http://www.kaspersky.com/news?id=207575528

    Mostly worms and trojans it would seem?

  4. #4
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    So perhaps changing the kind of attacks or how they are detected? What was once malware is now a trojan?

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    I actually believe that there has been a shift in direction in the "malware industry". We don't seem to have the disruptive/destructive items that we used to get.

    Today it seems to be more about building bot armies, delivering adware, harvesting passwords, credit card details, account details and the like.

    The malware tries to stay hidden to retain control of the victim which can then be used for all sorts of nefarious activities?

    I can certainly remember the days when skiddies would brag about having a bot army of several hundred machines. From what I read, today's bot herders have armies of tens of thousands?

    Sure, it still costs to clean up a corporate or institutional network, but I think that the decline of almost 25% in reported costs is partly explained by the lack of purely destructive items.

    I suspect that another factor is that a lot of the stuff we are seeing is not new, but is a variant on an existing malware. I would expect generic detection to be reasonably effective against those, and that larger users would have that in place and up to date?

    Perhaps the bad guys are playing the numbers game? It may take more effort to infect 2,000 private, home network and small business systems, but if you infect a 2,000 seat corporate environment, as soon as you are detected you lose the lot?

    Also, the figures could be misleading, as they are almost certainly from larger users. The costs of small and home users are probably not collected or reported.

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    It is the result of a survey then extrapolated:

    http://www.computereconomics.com/

    These surveys are anonymous so I don't think that there is a particular incentive to hush things up. Come to think of it, you don't hear about particular institutions being hit by viruses... only about frauds?

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Remember that the bank or CC company often have to pick up the tab, or they get fined:

    http://www.fsa.gov.uk/pages/Library/...2007/060.shtml

  8. #8
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,243
    Consider the source...

    http://en.wikipedia.org/wiki/Computer_Economics

    ...I wonder who they're in bed with.

    Depending on who's picking up the tab, sometimes it pays well to paint things as "a bright, shiny lie."
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hmmmm,

    They have been around for almost 30 years and claim:

    "The firm does not accept research sponsorships from technology vendors."

    As for bright shiny lies, I don't really buy that. $13 billion is better than $17.5 billion, but it is still one hell of a lot?

    The concept does seem to be supported by reports from security product vendors, security bodies and law enforcement agencies as well.

    I do wonder about the costings myself, based on what I see "hackers" being accused of. Like I have a security incident and I bring in consultants, new processes, new procedures, new hardware, new software, additional staff training... and I claim that is all a "cost" of the incident?

    In reality most of the cost is money I should have spent up front preventing the incident in the first place.

    "Trust me, I am a creative accountant"
