Skip to main content

Research Talk:  Measuring Cybercrime

Date:October 19, 2012 
Talk Title:Measuring Cybercrime
Speaker:Richard Clayton, Security researcher at the University of Cambridge
Time & Location:1:00pm - 2:00pm
CIC Building, Pittsburgh


This talk will discuss this study and the policy conclusions that can be drawn from it, along with some of its known limitations ... To this will be added some snippets from other work which shed new light on the specific cybercrime of phishing and which has provided, for the first time, a plausible estimate of the number of criminals that are involved.

Speaker Bio

Dr Richard Clayton is a security researcher at the University of Cambridge. He is a software developer by trade, his software house produced operating systems and word processors used by millions in the 1980s. In the 1990s he worked for the largest UK ISP, then in 2000 returned to Cambridge for a PhD on "Anonymity and Traceability in Cyberspace". He has stayed on as an academic because "it is more fun than working"; concentrating on studying ecrime generally and particularly phishing.

Richard Clayton was one of eight authors of what is believed to be the first systematic study of the costs of cybercrime, presented at WEIS 2012. Previous studies had hyped the problem into many billions or even a trillion dollars -- to general disbelief. This new study distinguishes traditional crimes that are now 'cyber' because they are conducted online (such as tax and welfare fraud); transitional crimes whose modus operandi has changed substantially as a result of the move online (such as credit card fraud); new crimes that owe their existence to the Internet; and what we might call platform crimes such as the provision of botnets which facilitate other crimes rather than being used to extract money from victims directly. The data shows -- as far as direct costs are concerned -- that traditional offences such as tax and welfare fraud cost the typical citizen in the low hundreds of dollars a year; transitional frauds cost a few dollars; while the new computer crimes cost in the tens of cents.