Home Up Biography Links News Downloads John Walker Crime Trends Analysis Running Man Logo


 

 

New!!

Cybercrime survey ended - results HERE!

New!!

 Updated estimates of ML in and through Australia

6-page Summary Report

100-page Main Report

Modeling Global Crime:

Illicit Drugs

Money Laundering

Justice System Resource Allocation:

Forecasting Trends in Crime

The Costs of Crime

Staffing the Police

Indigenous Over-representation in the Criminal Justice System

 

 

Up
Biography
Links
News
Downloads

Survey of the Incidence and Costs of Cybercrime

Hi friends.

Estimates of the global extent of cybercrime and the costs to victims are impossible to find - excepting some figures from the USA and Australia. I have always wondered if the prevalence of cybercrime is the same in, for example, non-English-speaking internet users.  I wondered, too, if the costs are borne predominantly by certain types of users, whether home-based internet users are at greater risk of victimisation than business-based ones.  Existing surveys seem only interested in business users, or specific countries' users, and there is no consistency amongst them.  The Australian Cyber Crime Surveys (http://www.aic.gov.au/research/projects/0133.html) seemed to have come up with a fairly comprehensive categorisation of cybercrime, although its sampling frame was 20,000 businesses across all industry sectors in Australia.  Our survey therefore used the ACCS categories of cybercrime, and attempted to see how home-users' experience compared with their experience at work.

We used the survey section of the Society of Anti-Moneylaundering Professionals (http://www.socamlpro.org/SocAMLPro_Surveys.htm) as the vehicle for the survey, and a little promotion amongst our extensive international contacts - asking them to get their friends, and their friends' friends etc to complete the survey.  The idea of a snowball sample survey, that gets bigger and bigger as more people join the sample, isn't new, and might have worked via the internet, except that - I suspect - cybercrimes like phishing have made people very suspicious of unsolicited emails from strangers!

The survey elicited only 79 responses.  For a very small and self-selecting survey, however, the results are reassuringly credible.  However, the sample was too small to achieve its real objectives, so, for example,  it failed to show any statistically significant differences between countries. 11 responses came from developing countries, such as China, India and South Africa, while the remainder came from developed countries including Australia, Singapore, NZ, European and north America.

The figures do, however, suggest differences between the prevalence of cybercrimes at home and at work.  Surveys based only on one type of victim will therefore be biased. Put simply, home users suffer more from viruses and trojans, presumably as a result of lower standards of security, while work victims suffer more from insider abuse, unauthorised access and insider abuse of resources.  No surprises there!

In terms of costs, home users' costs are much lower than costs of cybercrimes at work, and these in turn are much lower than the costs recorded by the ACCS survey, which focussed on businesses.

Converting these costs to a "per-PC User" cost, works out at a neat $AUD75 per user per year.  Extrapolated to a global estimate, using the "internetworldstats.com" data on Internet user numbers in different countries, we estimate the global costs of cybercrime at almost $US81 billion per year.  While that sounds enormous, it works out at less that one sixth of one percent of world GDP.

It may not have been spectacularly successful as a survey, but it does serve to raise interesting questions about the factors that drive differences in the prevalence and costs of cybercrime, and how prevention activities should be targeted.  It shows that priorities might differ from user to user, from country to country, from language group to language group etc.

Because, by definition, cybercrime is a trans-national problem, a more systematic approach to cybercrime is needed, with the key elements being:

bulletStandardised Definitions
bulletBusiness and Individual Victimisation
bulletPrevalence and Costs
bulletGlobal Approach
bulletAnalysis of Drivers
bulletDevelopment of Counter-measures
l

 

 

[Home] [Up]

Send mail to john.walker@johnwalkercrimetrendsanalysis.com.au with questions or comments about this web site.
Copyright 2007 John Walker Crime Trends Analysis
Last modified: 01/14/08