Summary of Growth in Internet Problems

There are always sensationalistic reports in the press of increasing problems with Internet crimes being on the increase, typical headlines read:

· 'Internet Crime Statistics up Again' [PC Direct][i];

· 'Financial Losses Due to Internet Intrusions, Trade Secret Theft, and Other Cyber Crimes Soar' [CSI][ii];

· 'High Tech Crime is increasing Significantly' [NHTCU][iii];

· 'Hackers turn UK into Cyber-Crime Central' [KPMG][iv].

Other countries are also seeing a substantial increase in various categories of Internet fraud. In December 2000, the ICC's Commercial Crime Services (CCS) Division reported that Internet fraud in 2000 was 'rising dramatically', accounting for more than two-thirds (2,776) of the 4,139 cases that its business partners referred. This was stated to represent a 100% increase on the figures reported in 1999.

Noteworthy attacks over recent years include such cases as the MCI Communications switch and credit card penetration resulted in a $50 million loss and the Russian Organized Crime Electronic Funds Transfer (EFT) attack on Citibank resulted in a $12 million loss in Aug 1994 [Cigital Labs 2002][v].

The fundamental problem in assessing and quantifying the cost of financial crime on the Internet revolves around disclosure[1]. Currently the US leads the way in this area and the UK has no such mature process. Many UK organisations and Government are talking about addressing this issue but these talks have not produced a working process or system that can record and report crime statistics for the Internet.

A meaningful overall estimate for losses due to financial crime on the Internet is almost impossible to establish, but in October 2000 the German Foreign Minister Joschka Fisher reported that G8 losses due to computer crime stood at $Bn 42.9 a year [IAAC 2001][vi].. This did not identify specifically losses due to financial crime on the Internet.

In the UK in 2002 the NHTCU surveyed 105 organisations who reported 3000 incidents for the year [NHTCU 2002-1][vii]. Of the 105, only 3 believed that their companies had not experienced any computer related crimes in the previous 12 months. It is noted that NHTCU has been subsumed into SOCA and has lost its original role.

In the US the CSI has, with the FBI, been running annual surveys into the cost of computer crime of all types. Graphs illustrating this are shown below

Figure 27 - The cost of computer crime 1997 - 2006
[Source: CSI/FBI Annual Reports]

In the UK, the only results seen were those from the NHTCU, and these are shown below:

Figure 28 - The cost of computer crime in the UK 2002
[Source: NHTCU Survey 2002]

[i] PC Direct 2002 - PC Direct Magazine, April 2000, ZDNet Publishing

[ii] CSI 2001 - Computer Security Institute, Press Release May 10, 2001

[iii] NHTCU 2002 - Opening Address, NHTCU Conference 2002 (Detective Superintendent Len Hynds)

[iv] KPMG 2001 - Alex Plasvic, Fraud Investigating Partner, KPMG, Network News, April 11, 2001

[v] Cigital 2002 - http://www.cigitallabs.com/resources/definitions/information_warfare.html

[vi] IAAC 2001 - 'Cost of Computer Crime', Briefing Paper No. 17, April 3, 2001

[vii] NHTCU 2002-1 - 'High Tech Crime, The Impact on UK Business', NHTCU

A Guide To Computer Crime
Summary of Growth in Internet Problems There are always sensationalistic reports in the press of increasing problems with Internet crimes being on the increase, typical headlines read: · 'Internet Crime Statistics up Again' [PC Direct][i]; · 'Financial Losses Due to Internet Intrusions, Trade Secret Theft, and Other Cyber Crimes Soar' [CSI][ii]; · 'High Tech Crime is increasing Significantly' [NHTCU][iii]; · 'Hackers turn UK into Cyber-Crime Central' [KPMG][iv]. Other countries are also seeing a substantial increase in various categories of Internet fraud. In December 2000, the ICC's Commercial Crime Services (CCS) Division reported that Internet fraud in 2000 was 'rising dramatically', accounting for more than two-thirds (2,776) of the 4,139 cases that its business partners referred. This was stated to represent a 100% increase on the figures reported in 1999. Noteworthy attacks over recent years include such cases as the MCI Communications switch and credit card penetration resulted in a $50 million loss and the Russian Organized Crime Electronic Funds Transfer (EFT) attack on Citibank resulted in a $12 million loss in Aug 1994 [Cigital Labs 2002][v]. The fundamental problem in assessing and quantifying the cost of financial crime on the Internet revolves around disclosure[1]. Currently the US leads the way in this area and the UK has no such mature process. Many UK organisations and Government are talking about addressing this issue but these talks have not produced a working process or system that can record and report crime statistics for the Internet. A meaningful overall estimate for losses due to financial crime on the Internet is almost impossible to establish, but in October 2000 the German Foreign Minister Joschka Fisher reported that G8 losses due to computer crime stood at $Bn 42.9 a year [IAAC 2001][vi].. This did not identify specifically losses due to financial crime on the Internet. In the UK in 2002 the NHTCU surveyed 105 organisations who reported 3000 incidents for the year [NHTCU 2002-1][vii]. Of the 105, only 3 believed that their companies had not experienced any computer related crimes in the previous 12 months. It is noted that NHTCU has been subsumed into SOCA and has lost its original role. In the US the CSI has, with the FBI, been running annual surveys into the cost of computer crime of all types. Graphs illustrating this are shown below Figure 27 - The cost of computer crime 1997 - 2006 [Source: CSI/FBI Annual Reports] In the UK, the only results seen were those from the NHTCU, and these are shown below: Figure 28 - The cost of computer crime in the UK 2002 [Source: NHTCU Survey 2002] [1] See Section 6 - Reporting [i] PC Direct 2002 - PC Direct Magazine, April 2000, ZDNet Publishing [ii] CSI 2001 - Computer Security Institute, Press Release May 10, 2001 [iii] NHTCU 2002 - Opening Address, NHTCU Conference 2002 (Detective Superintendent Len Hynds) [iv] KPMG 2001 - Alex Plasvic, Fraud Investigating Partner, KPMG, Network News, April 11, 2001 [v] Cigital 2002 - http://www.cigitallabs.com/resources/definitions/information_warfare.html [vi] IAAC 2001 - 'Cost of Computer Crime', Briefing Paper No. 17, April 3, 2001 [vii] NHTCU 2002-1 - 'High Tech Crime, The Impact on UK Business', NHTCU	Practitioner.Com: An Introduction to Computer Crime
Return To An Introduction to Computer Crime