As yesterday’s link pointed out, all public signs point to the next few
years being chock-full of various attacks. Malware, social engineering, and a whole lot more.
So, what happens when the world wakes up and realizes how vulnerable they are?
Consider the linked study by Anderson et al. of costs associated with conventional Internet crime. People are spending ten times as much on preventing electronic crime than they’re losing to the criminals.
By comparison, lots of Internet ‘security’ legislation has already failed. I would take this for evidence that most people care about privacy enough to prefer handling their own security.
I would propose that therefore, an uncertain world of attacks carries the inevitable consequence of huge demand for the stability of good defenses. And that presents opportunity for clever defenders.
As Microsoft did by selling an OS and word processor to the world and Apple a music player, so too might someone get absurdly rich by selling the world real security.
“We assembled a team of experts and collated what’s known. We came up with a number of interesting conclusions. For example, we compared the direct costs of cybercrimes (the amount stolen) with the indirect costs (costs in anticipation, such as countermeasures, and costs in consequence such as paying compensation). With traditional crimes that are now classed as “cyber” as they’re done online, such as welfare fraud, the indirect costs are much less than the direct ones; while for “pure”cybercrimes that didn’t exist before (such as fake antivirus software) the indirect costs are much greater. As a striking example, the botnet behind a third of the spam in 2010 earned its owner about $2.7m while the worldwide costs of fighting spam were around $1bn.”