Re: computing the cost of incidents

From: Dimitri Maziuk (dima@127.0.0.1)
Date: 03/29/03


From: Dimitri Maziuk <dima@127.0.0.1>
Date: Sat, 29 Mar 2003 20:12:17 +0000 (UTC)

sam bailey sez:
> I'm doing some background research for an upcoming television program
> on computer security and in the process of reading all the interviews
> we've done with people in the field there's a wide variation in the
> damage estimates from more recent worms and things like Slammer: from
> around hundreds of millions ($US) to hundreds of billions.
>
> I'm no expert on the matter but the higher-end numbers seem mighty
> inflated to me - they almost seem like they count the salary of
> everyone who's touched a system affected by the worm. I know there
> were some serious disruptions in the case of Slammer (trading desks
> closed at financial institutions, ATMs, credit card clearing systems)
> but I can't see it being more than the GNPs of many small countries.

I think part of the reason is that (in the US, at least) the authorities
will not investigate an incident unless you can claim significant
damage, in the tens of thousands range IIRC. (Take a look at e.g. Steve
Gibson's website, he has a transcript of his conversations with the FBI
there somewhere). So if you want to report the incident, you have to
inflate the numbers.

Dima

-- 
Q276304 - Error Message: Your Password Must Be at Least 18770 Characters
and Cannot Repeat Any of Your Previous 30689 Passwords           -- RISKS 21.37