A survey by the Computer Security Institute, a San Francisco- based association of information security professionals, reveals that computer crime is on the rise and reported losses due to it amounted to over $100m last year. Seventy-five percent of respondents reported losses due to various security breaches ranging from financial fraud, theft of proprietary information and sabotage to computer viruses and laptop theft. Of those reporting financial loss, 16% cited problems due to unauthorized access by insiders; 14% theft of proprietary information; 12% due to financial fraud; 11% due to sabotage of data or networks; and 8% due to system penetration from outside. Less sophisticated security breaches were more widespread. Fifty-seven percent cited losses due to theft of laptop computers, 31% to employee abuse of Internet privileges (eg downloading pornography or inappropriately using e-mail) and 16% suffered from telecommunications fraud. Only fifty-nine percent of survey respondents who reported financial losses were able to quantify them, resulting in a figure of $100.1m, so that the total figure is unknown. Of that $100m, a few of the more important categories of loss are: straight financial fraud ($24.9m), telecommunications fraud ($22.6m), theft of proprietary information ($21.0m), losses due to computer virus infestations ($12.5m), laptop theft ($6.1m), sabotage of data or networks ($4.3m), unauthorized access by insiders ($4.0m), and system penetration from outsiders ($2.9m). Low down – at least in this poll – is that pop media computer story standby, employee abuse of Internet privileges (Hustler online?), a measly $1.0m. Other findings: The number of organizations that experienced some form of intrusion or other unauthorized use of computer systems within the last 12 months rose from 42% in 1996 to 49% in 1997; although over 80% of respondents perceive disgruntled employees as a likely source of attack, over 70% perceive hackers as a likely source. Over 50% also consider US-owned corporate competitors a likely source of mischief – the information sought in recent attacks would be of use to US-owned corporate competitors. And reflecting the increased competition in the global marketplace, 26% cited foreign competitors as a likely source of attack and 22% also cited foreign governments as a likely source of attack. A total of 563 US corporations, government agencies, financial institutions and universities responded to the survey.
Content from our partners
