Problems of Reporting

It is impossible to give any reliable answer to the question of how much computer crime there is on the Internet as there two different problems in trying to answer this question. They are called the 'problem of ascertainment'.

The first one is that there are an unknown number of undetected crimes. This is not just a phenomenon of the Internet. The same is true for the Financial Services arenas, who do not actually know how much money is being stolen or the Insurance Industry who do not know how much money is being defrauded.

It is possible to know that they have not been detected as there are often frauds detected well after they have been carried out. There are various estimates of under-reporting statistics and this ranges from less than 1% to 10% of crimes carried out being detected depending on whom is consulted.

The second major problem is that of failure to report them to any law enforcement agency. Again, there are a number of estimates that range from less than 1% to 10% of detected crimes being reported to law enforcement

Many of the organisations are embarrassed to confess that they have been conned. After all, in the case of 419 frauds they have demonstrated a propensity for law breaking and financial fraud by offering to assist in illegal acts.

Figure 34 - Reasons for NOT reporting intrusions to Law Enforcement 1996 - 2002
[Source: 2002 CSI/FBI Survey]

Figure 35 - Actions taken by an organisation if suffering an intrusion 1996 - 2002
[Source: 2002 CSI/FBI Survey]

These results are not statistically meaningful as they are based on about 500 survey responses each year. Having said that, the numbers do tell a coherent story.

The same is true in the UK, the annual 'breaches survey' from the DTI [DTI 2002][i] and other reports show similar trends but there is still massive under-reporting, a figure of 1% of discovered crimes is often quoted.

A Guide To Computer Crime
Problems of Reporting It is impossible to give any reliable answer to the question of how much computer crime there is on the Internet as there two different problems in trying to answer this question. They are called the 'problem of ascertainment'. The first one is that there are an unknown number of undetected crimes. This is not just a phenomenon of the Internet. The same is true for the Financial Services arenas, who do not actually know how much money is being stolen or the Insurance Industry who do not know how much money is being defrauded. It is possible to know that they have not been detected as there are often frauds detected well after they have been carried out. There are various estimates of under-reporting statistics and this ranges from less than 1% to 10% of crimes carried out being detected depending on whom is consulted. The second major problem is that of failure to report them to any law enforcement agency. Again, there are a number of estimates that range from less than 1% to 10% of detected crimes being reported to law enforcement Many of the organisations are embarrassed to confess that they have been conned. After all, in the case of 419 frauds they have demonstrated a propensity for law breaking and financial fraud by offering to assist in illegal acts. Figure 34 - Reasons for NOT reporting intrusions to Law Enforcement 1996 - 2002 [Source: 2002 CSI/FBI Survey] Figure 35 - Actions taken by an organisation if suffering an intrusion 1996 - 2002 [Source: 2002 CSI/FBI Survey] These results are not statistically meaningful as they are based on about 500 survey responses each year. Having said that, the numbers do tell a coherent story. The same is true in the UK, the annual 'breaches survey' from the DTI [DTI 2002][i] and other reports show similar trends but there is still massive under-reporting, a figure of 1% of discovered crimes is often quoted. [i] DTI 2002 - The Bi-Annual Breaches Surveys carried out on behalf of the DTI in 2002, 2000, 1998 and 1996	Practitioner.Com: An Introduction to Computer Crime
Return To An Introduction to Computer Crime