Language Selection

English French German Italian Portuguese Spanish

Cost of Computer Attacks Down

While the cost of fending off hackers appears to be dropping for U.S. companies, attacks that involved unauthorized access to information are becoming much more costly, according a survey published Thursday by the Computer Security Institute and the U.S. Federal Bureau of Investigation.

The survey, which included about 700 respondents from government and a variety of industries, found that the average losses related to computer attacks dropped by 61 percent in 2004. On average, companies reported that computer and network attacks cost them $204,000 last year, down from an average of $526,000 in 2003. The report did not explain how specific factors, such as loss of employee productivity or security consultant fees, contributed to these costs.

This marks the fourth consecutive year that this number has declined, said Robert Richardson, editorial director of the Computer Security Institute and a co-author of the report.

Part of the reason for the drop is the fact that companies have simply become better at protecting themselves, Richardson said. "For your run-of-the mill virus, your average organization has that under control," he said. "There's a very fast reaction on the part of antivirus vendors and there are automated pathways to update the virus data on enterprise networks."

ID Theft Increase

However, the cost of information theft jumped considerably in 2004. "To some degree, the heat of hacker activity has moved to identity theft," Richardson said.

The survey found that the average net loss attributable to unauthorized information access jumped from more than $51,000 in 2003 to more than $300,000 last year. Attacks that resulted in the theft of proprietary information cost companies more than $355,000 on average in 2004, up from $169,000 the previous year.

The Computer Security Institute's survey was done in conjunction with the San Francisco division of the Federal Bureau of Investigation's Computer Intrusion Squad. It canvassed about 700 CSI members in a wide variety of industries and government organizations. CSI is a San Francisco-based association of computer and network security professionals.

Given the demographics of the survey's participants, it's unsurprising that they're suffering less damage from attacks. "We ask people who care about security," Richardson said. "They care enough [about security] to be members of a professional organization, so my hunch is they're actually trying to get better at security."

The 2005 CSI/FBI Computer Crime and Security Survey, which reports data covering 2004, can be found at CSI's Web site.

By Robert McMillan
IDG News Service

More in Tux Machines

How to set up Raspberry Pi, the little computer you can cook into DIY tech projects

You don't need an electrical engineering degree to build a robot army. With the $35 Raspberry Pi B+, you can create robots and connected devices on the cheap, with little more than an Internet connection and a bunch of spare time. The Raspberry Pi is a computer about the size of a credit card. The darling of the do-it-yourself electronics crowd, the Pi was originally designed to teach kids computer and programming skills without the need for expensive computer labs. People have used Raspberry Pis for everything from robots to cheap home media centers. The Pi sports USB ports, HDMI video, and a host of other peripherals. The latest version, the B+, sports 512MB of RAM and uses a MicroSD card instead of a full-size card. Read more

LibreOffice Ported To 64-bit ARM (AArch64)

As more and more open-source programs get brought up for 64-bit ARM, LibreOffice is the latest to receive such AArch64 enablement. As of today in LibreOffice Git is the initial AArch64 support. Over one thousand new lines of code were added to LibreOffice by Red Hat's Stephan Bergmann for allowing the open-source office suite to build on the ARMv8 64-bit architecture. LibreOffice already runs on many CPU architectures from x86 to Alpha and SPARC with ARM64 just being the latest. Read more

SUSE's Flavio Castelli on Docker's Rise Among Linux Distros

Docker has only gained traction since its launch a little over a year ago as more companies join the community's efforts on a regular basis. On July 30, the first official Docker build for openSUSE was released, making this distribution the latest among many to join the fray. I connected with Flavio Castelli, a senior software engineer at SUSE, who works extensively on SUSE Linux Enterprise and has played a major role in bringing official Docker support to openSUSE. In this interview, he discuses the importance of bringing Docker to each Linux distribution, the future of Docker on SUSE Linux Enterprise, and other interesting developments in the Docker ecosystem. Read more

A New AMD Catalyst Linux Driver Unofficially Surfaces

A German web-site is hosting a yet to be officially released Catalyst Linux driver. As pointed out in our forums there is a new Catalyst Linux driver version that's being hosted by Computerbase.de. This driver is marked Catalyst 14.201.1008 and was uploaded today for Linux along with Windows. While this driver should work for any supported hardware (Radeon HD 5000 series and newer), it's labeled amd-catalyst-desktop-apu-linux-x86-x86-64-14.201.1008.zip. The driver version number is higher than the previous publicly released Catalyst Linux build available from AMD's web-site. Read more