Language Selection

English French German Italian Portuguese Spanish

Cost of Computer Attacks Down

While the cost of fending off hackers appears to be dropping for U.S. companies, attacks that involved unauthorized access to information are becoming much more costly, according a survey published Thursday by the Computer Security Institute and the U.S. Federal Bureau of Investigation.

The survey, which included about 700 respondents from government and a variety of industries, found that the average losses related to computer attacks dropped by 61 percent in 2004. On average, companies reported that computer and network attacks cost them $204,000 last year, down from an average of $526,000 in 2003. The report did not explain how specific factors, such as loss of employee productivity or security consultant fees, contributed to these costs.

This marks the fourth consecutive year that this number has declined, said Robert Richardson, editorial director of the Computer Security Institute and a co-author of the report.

Part of the reason for the drop is the fact that companies have simply become better at protecting themselves, Richardson said. "For your run-of-the mill virus, your average organization has that under control," he said. "There's a very fast reaction on the part of antivirus vendors and there are automated pathways to update the virus data on enterprise networks."

ID Theft Increase

However, the cost of information theft jumped considerably in 2004. "To some degree, the heat of hacker activity has moved to identity theft," Richardson said.

The survey found that the average net loss attributable to unauthorized information access jumped from more than $51,000 in 2003 to more than $300,000 last year. Attacks that resulted in the theft of proprietary information cost companies more than $355,000 on average in 2004, up from $169,000 the previous year.

The Computer Security Institute's survey was done in conjunction with the San Francisco division of the Federal Bureau of Investigation's Computer Intrusion Squad. It canvassed about 700 CSI members in a wide variety of industries and government organizations. CSI is a San Francisco-based association of computer and network security professionals.

Given the demographics of the survey's participants, it's unsurprising that they're suffering less damage from attacks. "We ask people who care about security," Richardson said. "They care enough [about security] to be members of a professional organization, so my hunch is they're actually trying to get better at security."

The 2005 CSI/FBI Computer Crime and Security Survey, which reports data covering 2004, can be found at CSI's Web site.

By Robert McMillan
IDG News Service

More in Tux Machines

Linux Foundation: New Members, Cloud Foundry, and Embedded Linux Conference + OpenIoT Summit

  • 41 Organizations Join The Linux Foundation to Support Open Source Communities With Infrastructure and Resources
    The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the addition of 28 Silver members and 13 Associate members. Linux Foundation members help support development of the shared technology resources, while accelerating their own innovation through open source leadership and participation. Linux Foundation member contributions help provide the infrastructure and resources that enable the world's largest open collaboration communities.
  • Cloud Foundry for Developers: Architecture
    Back in the olden days, provisioning and managing IT stacks was complex, time-consuming, and error-prone. Getting the resources to do your job could take weeks or months. Infrastructure-as-a-Service (IaaS) was the first major step in automating IT stacks, and introduced the self-service provisioning and configuration model. VMware and Amazon were among the largest early developers and service providers. Platform-as-a-Service (PaaS) adds the layer to IaaS that provides application development and management. Cloud Foundry is for building Platform as a Service (PaaS) projects, which bundle servers, networks, storage, operating systems, middleware, databases, and development tools into scalable, centrally-managed hardware and software stacks. That is a lot of work to do manually, so it takes a lot of software to automate it.
  • Jonathan Corbet on Linux Kernel Contributions, Community, and Core Needs
    At the recent Embedded Linux Conference + OpenIoT Summit, I sat down with Jonathan Corbet, the founder and editor-in-chief of LWN to discuss a wide range of topics, including the annual Linux kernel report. The annual Linux Kernel Development Report, released by The Linux Foundation is the evolution of work Corbet and Greg Kroah-Hartman had been doing independently for years. The goal of the report is to document various facets of kernel development, such as who is doing the work, what is the pace of the work, and which companies are supporting the work.

Best Linux server distro of 2018

As a free and open source operating system, Linux is the ideal candidate for setting up your own server. The community of developers behind each Linux distribution (distro) regularly review the source code of their chosen OS to make sure it's free of bugs. When it comes to servers, the emphasis should obviously be on stability. While upgrades are a good thing on the face of it, they have the potential to interfere with the smooth running of your server. We’ve highlighted some of our favourite Linux server distros in this article, including operating systems that offer long term support, stability, and ideally a fast setup process. Read more

Red Hat: Red Hat Women’s Leadership Community Luncheon, Red Hat Enterprise Linux 6.10 Beta, Stratis and More

KDE at FOSS-North and Cutelyst 2.2.0 Release

  • KDE at FOSS-North
    Over the weekend, while some KDE people were in Toulouse improving Akonadi, and other KDE people were in Berlin improving Plasma, I was in Goteborg at FOSS-North showing off some KDE things. Anyone who saw our FOSDEM booth knows the setup. We still had the same blue table (thanks, Sune) and selection of low-power ARM blinkenlights, the Pine64 and a Pinebook. I still think that “hey, Plasma runs fine on an overpowered x86 laptop” is not particularly interesting, but that “the past six months have seen serious work on reducing Plasma’s resource usage aimed specifically at this kind of device” is. Different from FOSDEM is that I could now run one of the just-released Netrunner images for the Pinebook.
  • Cutelyst 2.2.0 is out
    Thanks to the release of Virtlyst – a web manager for virtual machines, several bugs were found and fixed in Cutelyst, the most important one in this release is the WebSockets implementation that broke due the addition of HTTP/2 to cutelyst-wsgi2. Fixing this was quite interesting as when I fixed the issue the first time, it started to make deleteLater() calls on null objects which didn’t crash but since Qt warn’s you about that it was hurting performance. Then I fixed the deleteLater() calls and WebSockets broke again