How Pervasive Is Cyber-Crime?
This security survey presents some grim statistics on the frequency and effects of cyber-attacks, and debunks a number of common misconceptions regarding security.
The incidence of cyber-crime (e.g., successful and attempted security breaches, theft, financial fraud, and virus detection) continues to rise, according to the annual Computer Crime and Security Survey conducted by the Computer Security Institute (CSI), a San Francisco-based association of information security professionals. The survey reveals significant financial losses due to security breaches and information theft.
The mission of the survey, conducted in collaboration with the San Francisco Federal Bureau of Investigation's Computer Intrusion Squad, is to determine the pervasiveness of computer crime in the U.S. and to raise the level of awareness regarding security concerns. The 503 participants in the survey consisted of computer security professionals from U.S. corporations, government agencies, financial institutions, medical institutions, and universities.
The following are some of the general survey results:
90 percent of respondents detected computer security breaches 80 percent reported financial losses due to security breaches 44 percent quantified their financial losses, reporting a total of US$455,848,000 in losses Information theft and financial fraud contributed to the most serious financial losses 74 percent of respondents reported their Internet connection as a frequent point of attack 33 percent reported their internal systems as a frequent point of attack 34 percent of respondents reported these intrusions to law enforcement
Other information gleaned from the survey identifies the types of attacks reported, with many of the percentages up from the previous year:
40 percent of respondents detected a system breach from the outside 40 percent detected a denial of service attack 78 percent detected employee abuse of Internet access privileges 85 percent detected computer viruses 38 percent were aware of unauthorized access or misuse of their Web sites within the last 12 months 39 percent of those who reported attacks reported 10 or more incidents 70 percent of those attacked reported vandalism 55 percent reported theft of transaction information 6 percent reported financial fraud
CSI Director Patrice Rapalus emphasizes the survey's significance in that it debunks common misconceptions regarding security and cyber-attacks. Rapalus says it challenges "some of the profession's 'conventional wisdom' - for example, that the threat from inside the organization is far greater than the threat from outside the organization' and that 'most hack attacks are perpetrated by juveniles on joy-rides in cyberspace".Source: Websphereadvisor.com
The other critical fact this survey reveals, Rapalus says, is that "there is much more illegal and unauthorized activity going on in cyber-space than corporations admit to their clients, stockholders, and business partners or report to law enforcement." She hopes this awareness of the prevalence of cyber-crime will lead to increased staffing, more money spent on training, and more pressure put on the individuals responsible for security.
Both Rapalus and Executive Assistant Director Bruce J. Gebhardt, former Special Agent in-Charge FBI San Francisco, agree that cooperation between the government and the private sector is essential to fight the increasing incidence of cyber-crime.
Home | What's New | Articles | Links
Library | Staff | Contact Us
Copyright © Computer Crime Research Center, 2001-2002 All Rights Reserved.
Contact the CCRC Office at 380-612-735-907