E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by Bennett Gold LLP, Chartered Accountants

Effective December 31, 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering articles from the period 1999 to 2012.


Source: Reuters

Posted on April 8, 2002

      U.S. companies and government agencies report losing more money from theft of proprietary information than any other type of attack on their computer system, according to a new study.

      Viruses remain the most common type of cyber attack, according to the seventh annual joint FBI/Computer Security Institute (CSI) Computer Crime and Security Survey released on Sunday.

      "What's particularly impressive is that financial losses seem to be really rising," said Richard Power, editorial director of San Francisco-based CSI, an association of information security professionals.

      "They're growing faster than the actual number of incidents reflected in the survey."

      Ninety percent of the approximately 500 people who responded to the mailed survey said they detected computer security breaches within the last year, with 85 percent reporting financial losses as a result and 44 percent willing or able to name a dollar figure, for a total loss of $455.8 million.

      "We've established that computer crime has become commonplace," Power said.

      Respondents reported a total annual loss of $170.8 million due to theft of proprietary data; $115.7 million due to financial fraud; and $50 million due to insider abuse of Net access. The highest average loss per organization was $4.6 million for financial fraud.

      Although the percentage of people reporting viruses and worm outbreaks dropped from 94 percent last year to 85 percent this year, the total financial loss from viruses increased from $45.3 million to $49.9 million, with an increase in the average loss from $243,800 to $283,000.

      The survey results also indicate that merely installing security products does not guarantee protection from attacks.

      Although 89 percent said they use firewalls and 60 percent use intrusion detection systems, 40 percent reported attacks coming from outside the organization. Ninety percent said they use anti-virus software, but 85 percent said they were still hit by viruses and their self-propagating kin, worms.


      The results also appear to undermine the perception that most attacks come from insiders, such as disgruntled current and former employees. Forty percent detected system penetration from the outside and slightly fewer than that reported unauthorized access by insiders. Eighty-two percent cited "independent hackers" as the likely sources of attack and 75 percent cited "disgruntled employees."

      Just over half reported laptop theft; 40 percent reported denial of service attacks (news - web sites); 20 percent theft of proprietary information; 12 percent financial fraud; 9 percent telecom fraud; 8 percent sabotage; 6 percent telecom eavesdropping; and 1 percent active wiretapping.

      The survey also asked about employee misuse of the network and found that 78 percent reported employee abuse of Internet access privileges for things like downloading pornography or pirated software or inappropriate use of e-mail.

      The survey results underscored the widely held suspicion that computer security breaches occur more often than people believe. For instance, only about 34 percent of the respondents said they actually report attacks to authorities.

      Seventy-five percent said they do not report intrusions to law enforcement because of negative publicity, and 72 percent said they don't because they do not want to give competitors an advantage.

      The survey concluded by recommending that companies update and upgrade their disaster recovery and business continuity plans and consider participating in the Infragard information sharing cooperative with other companies and government agencies, buying electronic business insurance and establishing a chief security officer.

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold Chartered Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.