Computer security threat on rise, survey says
March 5, 1999
Web posted at: 10:49 a.m. EST (1549 GMT)
SAN FRANCISCO (Reuters) -- Forget the stereotype of the teen hacker.
Sophisticated cyber crooks caused well over $100 million in losses last
year, and the trend toward professional computer crime is on the rise.
In its fourth annual survey, the San Francisco-based Computer Security
Institute reported Friday that corporations, banks, and government
agencies all face a growing threat from computer crime -- committed both
inside and outside their organizations.
"It is clear that computer crime and other information security breaches
pose a growing threat to U.S. economic competitiveness and the rule of law
in cyberspace," the survey said, summarizing its findings. "It is also
clear that the financial cost is tangible and alarming."
The survey, conducted jointly by the CSI and the FBI's San Francisco
Computer Crime Squad, polled more than 500 information security
professionals.
Almost one-third of the respondents reported that outsiders had penetrated
their computer systems in the past year, most frequently through an
Internet connection.
While about half of the respondents acknowledged that the computer
break-ins resulted in financial losses, 163 organizations, or a third of
those polled, could say how much money had been lost -- $123 million for
them alone.
The most serious losses occurred through the theft of proprietary
information and financial fraud, the survey said, although it added that
other computer crimes ranged from data sabotage to laptop theft.
CSI director Patrice Rapalus said indications of rising levels of computer
crime belied the popular notion of computer hackers as bored teenagers
looking for a little excitement.
"It's not simply teenagers coming in and spray painting a web page,"
Rapalus said. "It's not just the stereotypical hacker. People are seeing
financial losses due to various different kinds of attacks."
In an encouraging note, the CSI study found a "dramatic increase" in the
number of computer security breaches which had been officially reported to
law enforcement -- a sign that the problem was being taken seriously.
"They are more aware of the problem," Rapalus said. "A lot of people are
finding out that they need to report in order to avoid liabilities."
Michael Vatis, director of the National Infrastructure Protection Center
at FBI headquarters in Washington, D.C., said the CSI/FBI study
illustrated the need for more coordinated efforts to fight cyber crime.
"Only by sharing information about incidents and threats and exploited
vulnerabilities can we begin to stem the rising tide of illegal activity
on networks and protect our nation's critical infrastructure from
destructive cyber attacks," he said in a news release.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:20:39 PDT