Billion-dollar virus economics

When math attacks

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

Let us now pause to praise the computer virus cost accountants. We pray they cease their counsel, which falls into our ears as profitless as water in a sieve.

Yeah and verily, the computer virus econometrics gurus join a royal college of experts who live primarily to feed statistics and figures to the news media. Well before the invention of the computer virus, I encountered cost and figures "experts" continually as a writer for a daily newspaper. No story describing a problem or social phenomenon was complete without a few meaningless statistics passed off as hard fact or proof of some assertion.

Every reporter knew that to avoid a rewrite it was always prudent to include numbers. Since journalism operations generally have no one trained in any of the hard sciences, engineering or accounting -- or even people adept at simple common-sense mathematics -- figures were excellent for drugging editors into thinking an article was stitching together a sampling of erudite modern thought rather than a loose pastiche of often quite flaky opinion.

To supply the necessary numbers one needed "experts." They were yahoos from local universities, newly elected pols of dubious intelligence but great ambition, members of professional associations, captains of business, anyone with a yearning to get their name into the news or Lex-Nex regularly. How figures were arrived at was of little actual consequence; what was key was that the utterer have some pompous title or residence at an institution setting him or her apart from the average citizen urchin.

An "expert" industry quickly expanded solely to furnish quotes and numbers for the process. Experienced reporters knew it was easy in such an environment to get even the most reactionary ideas passed off as statements of Delphic wisdom by coupling them to funny figures. Seasoned experts realized, conversely, that it was elementary to widely publicize even the most bizarre or self-serving epistles by merely packaging them with the same.

And once a statistic was vetted by publication as news, it could be cited ad nauseum without fear of second-guess, often ensuring its place as part of the received wisdom on any given subject.

When Math Attacks

Now that you have been briefed on the cynical process, I'm going to divert for a vanity exercise in computer virus costs and what they could mean. And while it is assuredly crazed, it's no more so than many I have seen meant to be drop-dead serious.

The first step in the exercise: Put together a grab bag of virus damage estimates culled from unimpeachable sources.

* Cost of the "LoveLetter" virus: "...as much as $10 billion." (ICSA.Net, October 23, 2000, "2000 Computer Virus Prevalence Survey")

* Cost of the Code Red and SirCam viruses: $3.8 billion. (Computer Economics)

* Overall cost of computer viruses in 2001: "...US $10 billion or $100 billion last year, it's hard to say." (Symantec mouthpiece, NewsFactor Network, February 21, 2002.)

Next, the humble correspondent gathers even more statistics from a somewhat different area of expenditure so that readers will have some framework in which to contrast and compare computer virus costs.

* "The price of the [Afghan] war could be $12 billion, half of what the federal government spends on medical research ... the bombing campaign against Yugoslavia in 1999 cost ... $3 billion." (Associated Press, November 12, 2001.)

* Combined military budgets of the "Axis of Evil": $11.5 billion. (Center for Defense Information)

* Fiscal year 2003 funding request for ballistic missile defense: $8.6 billion. (Center for Defense Information)

The final step in this exercise is synthesis: the mining of precious nuggets of wisdom and information from the conflation of numbers.

Yes, from these figures it can be seen that taxpayers and national leaders are spending on the wrong things. The cost attributed to a few specific computer viruses in the last two years eclipses the entire military budget of the "Axis of Evil" and has been more expensive to the nation than the Afghan war.

When one considers that computer viruses are written pro bono, the continued hemorrhaging of U.S. dollars on a large military encumbered with aircraft carriers, soldiers who must be paid and strategic bomb wings becomes incomprehensible. Indeed, it can be theorized that with the judicious employment of computer viruses, the entire military machine of the "Axis of Evil" might be expected to collapse.

It is simple arithmetic. Since the defense bureaucracies of the "Axis of Evil" can only devote a fraction of their budgets to anti-virus defense, viruses directed upon them and capable of causing more loss than the entire gross income must inevitably destroy them without the firing of a shot.

If similar comparisons are extended to the United States homeland, the conclusions are troubling. The Symantec quote of $100 billion in virus damages exceeds by three times the amount of money the U.S. government annoyingly spends on medical research. Obviously, to avoid the further bleeding of corporate America by malicious code, such scarce financial resources must be reallocated at once to computer network recovery.

© 2001 - 2002 SecurityFocus, all rights reserved.

Related Stories

The Code Red hype Hall of Shame
Code Red hysteria - $8.7bn in damage estimated

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
Desperate VXers enslave FREEZERS in DDoS bot
Updated Spike malware targets Asia
Heatmiser digital thermostat users: For pity's sake, DON'T SWITCH ON the WI-FI
A stranger turns up YOUR heat with default password 1234
prev story


Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.