Billion-dollar virus economics

When math attacks

  • alert
  • submit to reddit

Using blade systems to cut costs and sharpen efficiencies

Let us now pause to praise the computer virus cost accountants. We pray they cease their counsel, which falls into our ears as profitless as water in a sieve.

Yeah and verily, the computer virus econometrics gurus join a royal college of experts who live primarily to feed statistics and figures to the news media. Well before the invention of the computer virus, I encountered cost and figures "experts" continually as a writer for a daily newspaper. No story describing a problem or social phenomenon was complete without a few meaningless statistics passed off as hard fact or proof of some assertion.

Every reporter knew that to avoid a rewrite it was always prudent to include numbers. Since journalism operations generally have no one trained in any of the hard sciences, engineering or accounting -- or even people adept at simple common-sense mathematics -- figures were excellent for drugging editors into thinking an article was stitching together a sampling of erudite modern thought rather than a loose pastiche of often quite flaky opinion.

To supply the necessary numbers one needed "experts." They were yahoos from local universities, newly elected pols of dubious intelligence but great ambition, members of professional associations, captains of business, anyone with a yearning to get their name into the news or Lex-Nex regularly. How figures were arrived at was of little actual consequence; what was key was that the utterer have some pompous title or residence at an institution setting him or her apart from the average citizen urchin.

An "expert" industry quickly expanded solely to furnish quotes and numbers for the process. Experienced reporters knew it was easy in such an environment to get even the most reactionary ideas passed off as statements of Delphic wisdom by coupling them to funny figures. Seasoned experts realized, conversely, that it was elementary to widely publicize even the most bizarre or self-serving epistles by merely packaging them with the same.

And once a statistic was vetted by publication as news, it could be cited ad nauseum without fear of second-guess, often ensuring its place as part of the received wisdom on any given subject.

When Math Attacks

Now that you have been briefed on the cynical process, I'm going to divert for a vanity exercise in computer virus costs and what they could mean. And while it is assuredly crazed, it's no more so than many I have seen meant to be drop-dead serious.

The first step in the exercise: Put together a grab bag of virus damage estimates culled from unimpeachable sources.

* Cost of the "LoveLetter" virus: "...as much as $10 billion." (ICSA.Net, October 23, 2000, "2000 Computer Virus Prevalence Survey")

* Cost of the Code Red and SirCam viruses: $3.8 billion. (Computer Economics)

* Overall cost of computer viruses in 2001: "...US $10 billion or $100 billion last year, it's hard to say." (Symantec mouthpiece, NewsFactor Network, February 21, 2002.)

Next, the humble correspondent gathers even more statistics from a somewhat different area of expenditure so that readers will have some framework in which to contrast and compare computer virus costs.

* "The price of the [Afghan] war could be $12 billion, half of what the federal government spends on medical research ... the bombing campaign against Yugoslavia in 1999 cost ... $3 billion." (Associated Press, November 12, 2001.)

* Combined military budgets of the "Axis of Evil": $11.5 billion. (Center for Defense Information)

* Fiscal year 2003 funding request for ballistic missile defense: $8.6 billion. (Center for Defense Information)

The final step in this exercise is synthesis: the mining of precious nuggets of wisdom and information from the conflation of numbers.

Yes, from these figures it can be seen that taxpayers and national leaders are spending on the wrong things. The cost attributed to a few specific computer viruses in the last two years eclipses the entire military budget of the "Axis of Evil" and has been more expensive to the nation than the Afghan war.

When one considers that computer viruses are written pro bono, the continued hemorrhaging of U.S. dollars on a large military encumbered with aircraft carriers, soldiers who must be paid and strategic bomb wings becomes incomprehensible. Indeed, it can be theorized that with the judicious employment of computer viruses, the entire military machine of the "Axis of Evil" might be expected to collapse.

It is simple arithmetic. Since the defense bureaucracies of the "Axis of Evil" can only devote a fraction of their budgets to anti-virus defense, viruses directed upon them and capable of causing more loss than the entire gross income must inevitably destroy them without the firing of a shot.

If similar comparisons are extended to the United States homeland, the conclusions are troubling. The Symantec quote of $100 billion in virus damages exceeds by three times the amount of money the U.S. government annoyingly spends on medical research. Obviously, to avoid the further bleeding of corporate America by malicious code, such scarce financial resources must be reallocated at once to computer network recovery.

© 2001 - 2002 SecurityFocus, all rights reserved.

Related Stories

The Code Red hype Hall of Shame
Code Red hysteria - $8.7bn in damage estimated

The smart choice: opportunity from uncertainty

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
prev story


Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.