A new report has unearthed something we’ve known about for some time, namely that spending a lot of money on anti-virus solutions is a waste of money and not necessarily the best way to tackle cybercrime.
A report by Cambridge University reveals that the UK is spending £640m per year trying to prevent or clean-up cybercrime threats. And almost £110m of that is being spent on anti-virus software, whereas only £10m is on actual law enforcement.
The study suggests that although cybercriminals are only pulling in a few tens of pounds from every Brit per year, the indirect costs of buying anti-virus software come to much more.
It concludes that more money should be spent on law enforcement, rather than encouraging people to buy anti-virus software, as lead author Professor Ross Anderson told the BBC:
‘A small number of gangs lie behind many incidents and locking them up would be far more effective than telling the public to fit an anti-phishing toolbar or purchase anti-virus software.’
The study echoes some of our previous reports, which show free anti-virus solutions are often just as effective as paid-for ones.
Focus on cybercrime
The report also argues that the government should spend less on monitoring phone and email communications, a policy disapproved of by privacy campaigners.
It comes at a time when the government is reportedly looking to spend £1.8 billion on implementing its Communications Data Bill. Under the proposals, the authorities will be able to access information such as the headers of emails you’ve sent and also the websites you’ve visited. I agree with Professor Anderson – this is money that could be better spent elsewhere. But where?
Security boundaries are blurring
The report recommends redirecting some of these vast sums of money towards improving consumer protection legislation for victims of credit card fraud, pointing out that the Netherlands, Finland and Ireland, already provide much stronger protection.
It’s a wise suggestion. However, the line between malware – such as viruses and trojans – and financial fraud blurred some time ago. Putting money in this pot or that pot isn’t the way to tackle online crime. There needs to be a multi-pronged attack whereby consumers are educated and know the value of installing free anti-virus software and keeping it updated.
A £650 million investment from the Cabinet Office to fund cyber-specialists in police forces across the country will help, too. Hopefully, then if people do fall victim to cybercrimes they’ll have an expert to whom they can report it. Something I believe is long overdue.