|
The true cost of computer crime Celeste Biever, New Scientist, http://www.newscientist.com
AS SOCIETY changes, so do the crimes that people commit. And as the internet takes on an ever more important role, computer crime is emerging as the misdemeanor of choice. But just who are the victims, and how much is it costing them?
Remarkably, perhaps, we don't know. But that is about to change as researchers start to investigate the real effects of computer crime. And they have come up with some surprises. While it is well known that attacking websites and networks can prove costly for those that own them, it also hits companies such as Microsoft and Cisco that released the vulnerable software exploited by the hackers. That could provide a much-needed incentive for software vendors to produce more secure code. These attacks are also not necessarily as costly as their victims may claim, a finding which should help businesses decide how much to invest in security technologies. ...
Andy Ozment, who researches vulnerability disclosure at the University of Cambridge, has presented data to WEIS showing there is an 8 per cent chance that one or more people will independently discover the same vulnerability before it is patched. Ozment analyzed the source code of OpenBSD, an open-source operating system that runs many web servers.
Updates to OpenBSD are recorded, and by looking for the exact date on which the software was patched, Ozment has been able to create his own database of vulnerabilities. This database, he says, shows that the number of vulnerabilities decreases as a result of disclosure, which encourages people to patch their computer systems.
|
