On Thu, 25 May 2006, Gadi Evron wrote:
I hate for this to be a quote by me, but Super Worms which steal credit card, account data, login info. etc. for banks, credit card companies and ecommerce sites online number at the millions a day. Including repeat customers.
As to signle banks, forget my numbers for a second, I am willing to accept yours for the sake of argument (we can argue digits over the phone). A million in losses a day is enough.
According to you, 500,000 bots a day and $1,000,000 in losses a day; so there is about 50 cents of potential savings per bot to pay for fixing those computers. How much does it cost to repair the average compromised computer? For some people its cheaper to buy a new computer than to fix the old one. I don't believe most of the numbers published, but lets use some other people's numbers. One consulting firm estimates $2 Billion in losses a year. That results in less than $10 of savings per new bot (assuming 500,000/day) to fix the computers. If there are even more bots, the numbers just get worse. For comparison, Cardweb's estimate of credit card fraud is about $14 Billion in 2004. Merchants are hit with about 90% of credit card fraud, and banks about 10%. CFCA's estimate for telecommunications fraud is about $55-60 Billion in 2003. Regardless of the numbers, I think we are currently stuck in a very nasty spot 1. Reduce the cost of fixing/protecting a computer 2. or increase the losses from compromised computers Either way, the consumer will eventually end up paying for it.