Language Selection

English French German Italian Portuguese Spanish

Cost of Computer Attacks Down

While the cost of fending off hackers appears to be dropping for U.S. companies, attacks that involved unauthorized access to information are becoming much more costly, according a survey published Thursday by the Computer Security Institute and the U.S. Federal Bureau of Investigation.

The survey, which included about 700 respondents from government and a variety of industries, found that the average losses related to computer attacks dropped by 61 percent in 2004. On average, companies reported that computer and network attacks cost them $204,000 last year, down from an average of $526,000 in 2003. The report did not explain how specific factors, such as loss of employee productivity or security consultant fees, contributed to these costs.

This marks the fourth consecutive year that this number has declined, said Robert Richardson, editorial director of the Computer Security Institute and a co-author of the report.

Part of the reason for the drop is the fact that companies have simply become better at protecting themselves, Richardson said. "For your run-of-the mill virus, your average organization has that under control," he said. "There's a very fast reaction on the part of antivirus vendors and there are automated pathways to update the virus data on enterprise networks."

ID Theft Increase

However, the cost of information theft jumped considerably in 2004. "To some degree, the heat of hacker activity has moved to identity theft," Richardson said.

The survey found that the average net loss attributable to unauthorized information access jumped from more than $51,000 in 2003 to more than $300,000 last year. Attacks that resulted in the theft of proprietary information cost companies more than $355,000 on average in 2004, up from $169,000 the previous year.

The Computer Security Institute's survey was done in conjunction with the San Francisco division of the Federal Bureau of Investigation's Computer Intrusion Squad. It canvassed about 700 CSI members in a wide variety of industries and government organizations. CSI is a San Francisco-based association of computer and network security professionals.

Given the demographics of the survey's participants, it's unsurprising that they're suffering less damage from attacks. "We ask people who care about security," Richardson said. "They care enough [about security] to be members of a professional organization, so my hunch is they're actually trying to get better at security."

The 2005 CSI/FBI Computer Crime and Security Survey, which reports data covering 2004, can be found at CSI's Web site.

By Robert McMillan
IDG News Service

More in Tux Machines

Having offended everyone else in the world, Linus Torvalds calls own lawyers a 'nasty festering disease'

Coding curmudgeon Linus Torvalds has gone off on yet another rant: this time against his own lawyers and free software activist Bradley Kuhn. On a mailing list about an upcoming Linux conference, a discussion about whether to include a session on the GPL that protects the open source operating system quickly devolved in an angry rant as its founder piled in. Read more

The Battle of The Budgie Desktops – Budgie-Remix vs SolusOS!

Ladies and gentleman, it’s the moment you have all been waiting for… the main even of the evening! In this corner, wearing Budgie trunks, fighting out of Ireland, created by Ikey Doherty, the man behind Linux Mint Debian Edition — SolusOS! And in this corner, built on the defending champion, also wearing Budgie trunks, aiming to be the next flavor of Ubuntu, Budgie-Remix! Read more

Leftovers: Software

  • 5 Cool Unikernels Projects
    Unikernels are poised to become the next big thing in microservices after Docker containers. Here’s a look at some of the cool things you can do with unikernels. First, though, here’s a quick primer on what unikernels are, for the uninitiated. Unikernels are similar to containers in that they let you run an app inside a portable, software-defined environment. But they go a step further than containers by packaging all of the libraries required to run the app directly into the unikernel.
  • Cedrus Is Making Progress On Open-Source Allwinner Video Encode/Decode
    The developers within the Sunxi camp working on better Allwinner SoC support under Linux have been reverse-engineering Allwinner's "Cedar" video engine. Their project is being called Cedrus with a goal of "100% libre and open-source" video decode/encode for the relevant Cedar hardware. The developers have been making progress and yesterday they published their initial patches that add a V4L2 decoder driver for the VPU found on Allwinner's A13 SoC.
  • Phoronix Test Suite 6.6 Milestone 3 Released For Linux Benchmarking
  • Calibre 2.65.1 eBook Viewer Adds Driver for Kobo Aura One and Aura 2 Readers
    Kovid Goyal released today, August 26, 2016, a new maintenance update of his popular, cross-platform, and open-source Calibre e-book viewer, converter and library management tool. Calibre 2.65 was announced earlier, and it looks like it's both a feature and bugfix release that adds drivers for the Kobo Aura One and Kobo Aura Edition 2 ebook readers, along with a new option to the Kobo driver to allow users to ignore certain collections on their ebook reader. The list of new features continues with support for right-to-left text and tables to the DOCX Input feature, as well as the implementation of a new option to allow users to make searching case-sensitive. This option can be found and enabled in the "Searching" configuration section under Preferences.
  • Calamares 2.4 Universal Installer Framework Polishes Existing Functionality
    A new stable version of the Calamares universal installer framework used by various GNU/Linux distributions as default graphical installer has been released with various improvements and bug fixes. Calamares 2.4 is now the latest build, coming two months after the release of the previous version, Calamares 2.3, which introduced full-disk encryption support. However, Calamares 2.4 is not as big as the previous update as it only polished existing functionality and address various annoying issues reported by users.
  • RcppArmadillo 0.7.400.2.0
    Another Armadillo 7.* release -- now at 7.400. We skipped the 7.300.* serie release as it came too soon after our most recent CRAN release. Releasing RcppArmadillo 0.7.400.2.0 now keeps us at the (roughly monthly) cadence which works as a good compromise between getting updates out at Conrad's sometimes frantic pace, while keeping CRAN (and Debian) uploads to about once per month. So we may continue the pattern of helping Conrad with thorough regression tests by building against all (by now 253 (!!)) CRAN dependencies, but keeping release at the GitHub repo and only uploading to CRAN at most once a month.
  • Spotio Is A Light Skin for Spotify’s Desktop App — And Its Coming To Linux
    Spotify’s dark design is very much of its identity. No-matter the platform you use it on, the dark theme is there staring back at you. Until now. A bunch of ace websites, blogs and people I follow have spent the past 24 hours waxing lyrical over a new Spotify skin called Spotio.