Microsoft says cyber-crime surveys are inaccurate

SOFTWARE GIANT Microsoft has compared research on cyber-crime losses to surveys on sexual behaviour in an attempt to paint them as inaccurate.

Microsoft researchers Dinei Florencio and Cormac Herle outlined their findings in a paper entitled Sex, Lies and Cyber-crime Surveys, where they drew parallels between these two areas that seem totally unconnected.

The duo particularly highlighted the element of over-reporting. The best example given was how a number of sexual behaviour surveys resulted in findings that men had more female sexual partners than women had male partners, a finding which the researchers claim is erroneous and statistically inaccurate when cross-checked.

Florencio and Herle claim that women tend to under-report, while men tend to over-report, with some Don Juans exaggerating significantly about their sexual experiences, leading to inflation of results. They claimed that this kind of over-reporting can also be found in cyber-crime surveys.

They claimed that losses due to cyber-crime are not independently verified, and that self-reporting means that results can easily be distorted. They also found that the majority of estimates come from a minority of responses, which they argued leads to figures appearing higher than they really are.

They gave an example of how a single unverified claim of a loss of $7,500 in a phishing attack led to the survey estimating a total loss of $1.5bn across the entire economy, which they said is not reflective of reality at all.

Of course, the Microsoft researchers could be accused of exaggerating the link between sex and cyber-crime. Over-reporting and inaccurate results in surveys are not necessarily limited to these two areas, and surveys, by their very nature, can only provide approximations of reality.

However, we have to admit that these were certainly two of the more interesting topics that Microsoft might have selected to compare. µ