http://news.yahoo.com/news?tmpl=story&cid=2632&ncid=2632&e=8&u=/nf/20060120/bs_nf/41074

Yahoo! News

Fri Jan 20, 2006

 

FBI: Most Companies Get Hacked

 

Elizabeth Millard

newsfactor.com

 

Almost nine out of ten companies had a computer-security incident last year, according to a report from the Federal Bureau of Investigation.

 

After a survey of over 2,000 companies, the FBI found that 87 percent of those polled admitted there had been some type of security attack. Within that group, 20 percent claimed they had been hit multiple times by 20 or more attacks.

 

Most common breaches were either a virus or some spyware penetrating the corporate network. More advanced attacks, including data sabotage and port scans, were less frequent, according to the report.

 

Attacks came from 36 different countries, with the U.S. and China marked as the source of over half the attempts, although masking technologies made it difficult to get an accurate reading.

 

Watch Out

 

The average cost per company as a result of the attacks was more than $24,000, with a total cost of $32 million. Viruses and worms accounted for $12 million of those losses.

 

Other surveys have attempted to pinpoint financial losses from network attacks, but estimates have ranged widely. The FBI believes its cost estimates are more accurate because of the large number of survey respondents.

 

The FBI said the survey is a clear sign of the urgent need for vigilance against network assaults, both internally and externally.

 

In its release on the survey, the agency quoted Frank Abagnale, security consultant and subject of the movie "Catch Me If You Can": "Every company, both large and small, should study this survey and use the data as the basis for making changes. Those who ignore it do so at their peril."

 

Most of those surveyed did note that they had installed new security updates and software following incidents, but advanced techniques, such as biometrics and smart cards, were used infrequently, the report stated.

 

Crack Down

 

As companies are increasingly targeted by attackers, it is likely that enforcement efforts will grow as well to respond to the problem.

 

There are several investigations and initiatives underway by a number of enforcement agencies, said Chris Sonderby, chief of the U.S. Department of Justice's Computer Hacking and Intellectual Property unit.

 

"Stealing company resources or trying to break in to a company's computers are felonies, and they will be treated as such," said Sonderby.

 

Copyright 2006 NewsFactor Network, Inc.

Copyright 2006 Yahoo! Inc. All rights reserved.

 

FAIR USE NOTICE

This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of political, democracy, scientific, and social justice issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml. If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner.