The Federal Bureau of Investigation has release it 2005 Computer Crime Survey. Quoting from a January 18, 2006 press release, the survey shows the following:
- Frequency of attacks. Nearly nine out of 10 organizations experienced computer security incidents in a year's time; 20% of them indicated
they had experienced 20 or more attacks.
- Types of attacks. Viruses (83.7%) and spyware (79.5%) headed the list. More than one in five organizations said they experienced port scans and network or data sabotage.
- Financial impact. Over 64% of the respondents incurred a loss. Viruses and worms cost the most, accounting for $12 million of the $32 million in total losses.
- Sources of the attacks. They came from 36 different countries. The U.S. (26.1%) and China (23.9%) were the source of over half of the intrusion attempts, though masking technologies make it difficult to get an accurate reading.
- Defenses. Most said they installed new security updates and software following incidents, but advanced security techniques such as biometrics (4%) and smart cards (7%) were used infrequently. In addition, 44% reported intrusions from within their own organizations, suggesting the need for strong internal controls.
- Reporting. Just 9% said they reported incidents to law enforcement, believing the infractions were not illegal or that there was little law enforcement could or would do. Of those reporting, however, 91% were satisfied with law enforcement's response. And 81% said they'd report future incidents to the FBI or other law enforcement agencies. Many also said they were unaware of InfraGard, a joint FBI/private sector initiative that battles computer crimes and other threats through information sharing.
Unfortunately, as of this posting the link to the full report is not functioning. I will update this post with a corrected link as soon as possible. I've included the broken link in the hope the issue will be fixed and the existing link will function.
Bill Detwiler has nothing to disclose. He doesn't hold investments in the technology companies he covers.
Bill Detwiler is Managing Editor of TechRepublic and Tech Pro Research and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop support specialist in the social research and energy industries. He has bachelor's and master's degrees from the University of Louisville, where he has also lectured on computer crime and crime prevention.