Forwarded from: Dave Dittrich <dittrichat_private> > It is generally agreed that it is almost impossible to quantify the > extent of damage of internet-related crime. > > "I don't think anyone has numbers on how much is lost. Most > cybercrime goes unreported because of PR considerations," said > Nemes. "It could be a very high figure, taking into account how > online banks and brokerages can be seriously disrupted by denial of > service." This is pure crap. Not knowing that something exists is NOT the same it not existing at all, and I doubt this writer did a good enough job of surveying the entire security field to be able to takes Nemes' claim as anything other than uninformed opinion. It IS possible to quantify damage, and many people know how to do it. I've done it successfully for criminal cases, and so have many others. For a publicly available model, see the ICAMP project report, and the Honeynet Project Forensic Challenge results, which used (and reference) the ICAMP model: http://project.honeynet.org/challenge/results/ -- Dave Dittrich Computing & Communications dittrichat_private University Computing Services http://staff.washington.edu/dittrich University of Washington PGP key http://staff.washington.edu/dittrich/pgpkey.txt Fingerprint FE 97 0C 57 08 43 F3 EB 49 A1 0C D0 8E 0C D0 BE C8 38 CC B5 - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Apr 18 2002 - 03:47:11 PDT