
Cyber criminals are out-spending the defenders two to one: HP

April, and in the new quarter blossoms a new crop of sweet, fragrant cyberstatistics. Such joy.

Some of these statistics are presented as so-called "infographics", a term which has come to mean a random scattering of factoids pulled back into an approximation of a unified narrative by some cornflake-packet-level design. Here's a bunch of these low-information-density pixel-burners, from which you may glean a factoid or two that you haven't encountered before, or guessed.

Others are presented as proper reports based on assumed-proper research, such as the Websense 2014 Threat Report released on Thursday. Websense analyses what's happening in the threat landscape, and how your organisation should respond, using a seven-stage kill chain model: from initial reconnaissance and crafting a lure to encourage the victim to click, redirecting them through a series of hacked servers to a final one, which deploys an exploit kit, dropping malware onto the victim's machine, calling home, and exfiltrating data.

They're not the only vendor using this sort of militarised language. With minor variations, it's the way things are done now. Get used to it. Vendors will be using it to explain how their products will disrupt the attacker at each stage.

And other cyberstats still just turn up in presentations, such as HP Enterprise Services' claim that organised cybercrime operations are outspending the defenders two-to-one.

"The number we came up with is about $104 billion dollars a year for the entire ecosystem, and these are estimates that have been done through studies from various groups, including Ponemon and others around the estimation of the entire ecosystem," Arthur Wong, HP senior vice-president and general manager of HP Enterprise Security Services (ESS) globally, told ZDNet at a media briefing in Sydney on Wednesday.

"This [figure] is around the development, trading of information, whether it's [personal] profiles, whether it's threats, whether it's exploits or vulnerabilities; it's a huge ecosystem out there, and an economy that's underground and available for hackers. You can take a look at an eBay-like environment to be able to buy, sell, and trade security information and credit cards and financial information and intellectual property," he said.

A hundred billion sounds a lot, and I'm normally sceptical of Big Numbers. But according to my back-of-the-envelope calculation, that's maybe US$30 per human on the internet per year. That's a lot for developing and even mid-rank nations, but it's certainly well within the bounds of what governments and corporations in the G20 absorb on behalf of their citizens and customers.

Globally, according to McAfee's estimates from mid-2013, cybercrime costs between US$100 billion and US$400 billion. That's a decent return on investment.

Meanwhile, says HP, the global information security market is "just" US$4[?] billion a year, though that, as well as the below-the-line internal costs to organisations, would be part of the cost figures.

HP is, of course, trying to persuade us to spend more on security, and to spend it with HP ESS. That's why they were telling journalists about their new Security Operations Centre in the Sydney suburb of Rhodes. It adds "30 to 40" new security staff to the "hundreds" HP already has in the country, and adds an eighth SOC to those in Plano, Texas; Virginia (of course); Costa Rica; the UK; Bulgaria; India; and Malaysia.

But apart from their "buy our stuff" message, there's another message, one about coordination and cooperation. The bad guys are simply more agile. They don't need a corporate product manager to get the channel manager to organise a sales meeting with a potential client. They operate live online, fast and loose.

"The bad guys, the adversaries, they collaborate way more than governments, and way more than commercial industries do themselves," Wong told ZDNet. "When anyone wants to even launch an attack out there on a particular company, they're going to go into chat rooms ... and ask, 'Hey, does anybody own a computer or a system inside this company?', and someone will put up their hand, or they'll know someone else, and a deal is negotiated."

The criminal ecosystem isn't just better organised, it's also becoming more specialised. According to Bob Hansmann, Websense's director of product marketing, the cybercrime vendors are now providing tailored services for every step of the kill chain.

"There are people who simply own botnets, and they rent it out to send spam or do phishing attacks, even denial of services. There are specialists in just crafting the emails. There are specialists for helping with encryption," Hansmann told ZDNet on Tuesday.

"Some of these cases can read like a Tom Clancy spy novel, where a Chinese credit card ring hires an ex-KGB agent living in Morocco to write code which he has no way of deploying, so he finds a friend in Turkey who actually controls a botnet, and so on and so forth. That's part of an actual attack that happened maybe five or six years ago."

This economy is now maturing. And growing. HP reckons that by 2020 there will be another million people working in cybercrime globally. In January, Cisco chief security officer John Stewart reckoned that before then we'll be short around a million infosec workers.

The consensus amongst infosec specialists is that after a bad year in 2013, this year will be better. After that, they're not so sure.
