Language Selection

English French German Italian Portuguese Spanish

Cost of Computer Attacks Down

While the cost of fending off hackers appears to be dropping for U.S. companies, attacks that involved unauthorized access to information are becoming much more costly, according a survey published Thursday by the Computer Security Institute and the U.S. Federal Bureau of Investigation.

The survey, which included about 700 respondents from government and a variety of industries, found that the average losses related to computer attacks dropped by 61 percent in 2004. On average, companies reported that computer and network attacks cost them $204,000 last year, down from an average of $526,000 in 2003. The report did not explain how specific factors, such as loss of employee productivity or security consultant fees, contributed to these costs.

This marks the fourth consecutive year that this number has declined, said Robert Richardson, editorial director of the Computer Security Institute and a co-author of the report.

Part of the reason for the drop is the fact that companies have simply become better at protecting themselves, Richardson said. "For your run-of-the mill virus, your average organization has that under control," he said. "There's a very fast reaction on the part of antivirus vendors and there are automated pathways to update the virus data on enterprise networks."

ID Theft Increase

However, the cost of information theft jumped considerably in 2004. "To some degree, the heat of hacker activity has moved to identity theft," Richardson said.

The survey found that the average net loss attributable to unauthorized information access jumped from more than $51,000 in 2003 to more than $300,000 last year. Attacks that resulted in the theft of proprietary information cost companies more than $355,000 on average in 2004, up from $169,000 the previous year.

The Computer Security Institute's survey was done in conjunction with the San Francisco division of the Federal Bureau of Investigation's Computer Intrusion Squad. It canvassed about 700 CSI members in a wide variety of industries and government organizations. CSI is a San Francisco-based association of computer and network security professionals.

Given the demographics of the survey's participants, it's unsurprising that they're suffering less damage from attacks. "We ask people who care about security," Richardson said. "They care enough [about security] to be members of a professional organization, so my hunch is they're actually trying to get better at security."

The 2005 CSI/FBI Computer Crime and Security Survey, which reports data covering 2004, can be found at CSI's Web site.

By Robert McMillan
IDG News Service

More in Tux Machines

Slackel Linux: Not Your Father's Slackware

You might think of the Slackel distro as a better Slackware derivative. Slackware dates back to 1992. By comparison, well-known and well-used distros such as Ubuntu, Fedora and Linux Mint were introduced in the mid-2000s. So Slackware is among the oldest actively maintained Linux distros. Despite its longevity, it has not joined more modern Linux offspring in terms of user friendliness. Read more

Android 6.0 Marshmallow Review: Google Outsmarts Apple By Guessing Your Next Move

It may seem like a big decision, but something tells me the service arms race is going to be a lot like the feature race. Google has the nose on Apple with Google Now on Tap until… Apple figures out a way to borrow it. Read more

Red Hat News

IBM releases Power-based Linux servers with Nvidia GPUs

The Power Systems LC line was introduced by Dr Stefanie Chiras, director and business line executive of IBM scale-out Power Systems, as part of her keynote on the subject of 'waitless computing'. IBM, as a patron of the OpenPower Foundation, has been a staunch supporter of Linux and OpenStack, and this represents a logical step for the company, as it has been building its Power line following the sale of its x86 server business to Lenovo in 2014. Read more