HOME PRODUCTS
 SERVICES
 PARTNERS
 RESOURCES
 COMPANY

 
Industry Articles
Cyber Crimes, Cyber Times
Financial losses due to Internet intrusions, trade secret theft and other cyber crimes soar.

written by: Leonard Scriven, Senior Consultant, Lightwave Consulting Group

The results of the sixth annual "Computer Crime and Security Survey conducted by The Computer Security Institute (CSI) were recently announced.

The "Computer Crime and Security Survey" is conducted by CSI in conjunction with the San Francisco Federal Bureau of Investigation's (FBI) Computer Intrusion Squad. The purpose of the survey is twofold, 1) to increase the level of security awareness and 2) to determine the scope of computer-based crime in the United States.

The results of the "2001 Computer Crime and Security Survey" confirm that the threat from computer crime and other information security breaches continues to be undeterred and underestimated; and, that financial losses due to these crimes are growing rapidly

A few highlights, based on responses from 538 computer security professionals, including: U.S. corporations, government agencies, financial institutions, medical institutions and universities, include.

  • Eighty-five percent of respondents (primarily large corporations and government agencies) detected computer security breaches within the last twelve months.
  • Sixty-four percent acknowledged $377,828,700 in financial losses due to computer breaches. (In contrast, the losses from 249 respondents in 2000 totaled only $265,589,940. The average annual total over the three years prior to 2000 was 120,240,180.)
  • Theft of proprietary information resulted in the most serious financial losses, as in previous years
  • Consistent with previous years there was an increase in respondents (70%) that cited their Internet connection as a frequent point of attack. 31% cited their internal systems as a frequent point of attack. The 70% figure points to an increase of 11% increase when compared to 2000.

Following are some examples of attacks and abuses detected by security professionals:

  • Forty percent of respondents detected system penetration from the outside (only 25% reported system penetration in 2000).
  • Thirty-eight percent of respondents detected denial of service attacks (only 27% reported denial of service in 2000).
  • Ninety-one percent detected employee abuse of Internet access privileges (i.e., downloading pornography, copyrighted music, or abuse use of e-mail systems). Only 79% detected net abuse in 2000.
  • Ninety-four percent detected computer viruses (only 85% detected them in 2000).

A few questions were asked concerning electronic commerce over the Internet. Here are some of the results:

  • Ninety-seven percent of respondents have WWW sites.
  • Twenty-three percent suffered unauthorized access or misuse within the last twelve months. Twenty-seven percent said that they didn't know if there had been unauthorized access or misuse.
  • Twenty-one percent of those acknowledging attacks reported from two to five incidents. Fifty-eight percent reported ten or more incidents.

Patrice Rapalus, CSI Director, remarks that the "Computer Crime and Security Survey, now in its sixth year, has served as a reality check for industry and government:

"Each year, the influence and impact of the CSI/FBI Computer Crime and Security Survey grows. It is an invaluable tool for information security practitioners in corporations and government agencies struggling to get the attention of their CEOs, CIOs and CFOs as well as for law enforcement officials working to make the case for closer cooperation with the private sector to stave off a cyber crime wave. The survey results over the years offer compelling evidence that neither technologies nor policies alone really offer an effective defense for your organization. Intrusions take place despite the presence of firewalls. Theft of trade secrets takes place despite the presence of encryption. Net abuse flourishes despite corporate edicts against it. Organizations that want to survive in the coming years need to develop a comprehensive approach to information security, embracing both the human and technical dimensions. They also need to properly fund, train, staff and empower those tasked with enterprise-wide information security."
Statistics from: Rapalus, Patrice. Press Release: “Financial losses due to Internet intrusions, trade secret theft and other cyber crimes soar” 12 May 2001. http://www.gocsi.com/prelea/000321.html (23 Oct. 2001) 

 

Find Out More
For more information on how Lightwave Consulting Group can help your business please contact us online or call us toll-free at 1-866-544-4898.

 
 
Copyright © 2007. Lightwave Consulting Group. All Rights Reserved. This site best viewed with Internet Explorer 6.0 or better