FBI survey finds cybercrime rising

Jan 24, 2006

Nearly nine out of 10 public and private institutions suffered computer security incidents in 2005, but less than 10 percent of those report the incidents to law enforcement, according to a FBI survey.

The 2005 FBI Cyber Crime Survey, which used responses from 2000 organizations in four states, found that 20 percent of organizations reported enduring 20 or more cyber-security attacks in the last year.

Only 9 percent of those who suffered attacks alerted law enforcement, according to the survey, released last week. Many of those who didn't said they believed it wasn't illegal or that there was little law enforcement could do.

Of those who reported to law enforcement, 91 percent said they were satisfied with the response they got.

Ron Teixeira, executive director of the National Cyber Security Alliance, said that small businesses tend not to report cyber crimes to law enforcement for a variety of reasons.

"Small businesses may not know what to do," he said. "They may not know who to call that can help."

He also said that bad publicity is a reason businesses don't report cyber crimes.

"They don't want to be seen as a bad actor," he said. "They're afraid of what may happen."

Paul Kurtz, executive director of the Cyber Security Industry Alliance, agreed.

"An organization may not want to report because of what they fear it might do to their market share and their investors," he said.

Kurtz added that businesses may not report cyber crimes because they assume nothing can be done.

"There's a perception among victims that reporting a crime won't bring any returns," he said, "that there's no chance of prosecution and investigation."

Sixty-four percent of respondents said they incurred a financial loss from a computer security attack. Viruses and worms alone accounted for $12 million of the $32 million total lost funds.

From the survey results, the FBI estimates that cyber crime cost about $67 billion to U.S. companies over the year.

Kurtz noted that these estimated numbers tend to vacillate, in part because the estimators use different criteria.

"We don't have a common methodology for assessing the cost of cyber attacks," Kurtz said. "You can't manage what you can't measure."

According to the survey, viruses and spyware are still the most populous threats to security.

Virus problems were reported by 83 percent of organizations; spyware problems were reported by 79 percent. More than 20 percent said they'd experienced port scans or network or data sabotage.

Attacks came from 36 different countries, according to the survey. The United States produced 36 percent of them, with China accounting for 24 percent more.

However, masking software makes it often unclear where the attack is originating.

Teixeira said that new technologies are creating new potential security threats. Specifically, he cited insecure wireless networks and BlackBerry and PDA viruses as places that can lead to infected networks.

Teixeira said that businesses should work to educate employees on cyber-security.

"It's incredibly important to have a cyber-security policy," he said. "Any employee can become the weakest link in security."

Kurtz said that security should be a priority for all organizations from the start.

"The best defense is thinking about security in the beginning, and not having it be an afterthought," Kurtz said.

"It's not just about technology," he added. "You need to have policies in place as an organization."

Kurtz also said organizations should have a security officer, who is "part of the regular calculus of what a firm does."

Teixeira said consumer education programs will go a long way in making sure people and organizations are proactive and prepared in their security systems.

"The FBI report showed that the small business community doesn't have the resources and the education to put cyber security at the forefront of their priorities," he said.

Teixeira said his organization is trying to key a consumer education campaign, through their Web site, StaySafeOnline.info.

"Part of the problem is that until recently, there hasn't been a coordinated approach to consumer education," he said.

Kurtz, who also recommended StaySafeOnline.info as a tool to educate individuals and businesses, said Congress's role in cyber crime prevention is becoming problematic.

The Senate Committee on Foreign Relations passed along to Senate a motion signing on to the Council of Europe's Convention on Cyber Crime.

However, Kurtz said, two senators are anonymously blocking the chamber from voting on the resolution.

"We need to create the international infrastructure to prosecute cyber criminals," Kurtz said. "We have to create relationships, and have these laws on the books in multiple countries."

Kurtz called the Convention on Cyber Crime "a very solid step that doesn't require the passing of any new laws," and said it was "unexplainable" that two senators would want to block a vote on it.

Copyright 2006 by United Press International

Explore further: Germany signs no-spy deal with BlackBerry

add to favorites email to friend print save as pdf

Related Stories

Automakers aim to drive away car computer hackers

Nov 24, 2014

Against the team of hackers, the poor car stood no chance. Meticulously overwhelming its computer networks, the hackers showed that—given time—they would be able to pop the trunk and start the windshield ...

Top China official urges stronger Internet management

Nov 19, 2014

A top Beijing official called for stronger management of the Internet Wednesday at a government-organised conference condemned by rights campaigners as a Chinese attempt to promote its online controls globally.

Hackers turning smartphones into slave armies

Nov 19, 2014

Mobile security firm Lookout on Wednesday warned that Android-powered smartphones or tablets are being targeted with malicious software that puts them at the mercy of hacker overlords.

Recommended for you

A green data center with an autonomous power supply

4 hours ago

A new data center in the United States is generating electricity for its servers entirely from renewable sources, converting biogas from a sewage treatment plant into electricity and water. Siemens implemented ...

After a data breach, it's consumers left holding the bag

4 hours ago

Shoppers have launched into the holiday buying season and retailers are looking forward to year-end sales that make up almost 20% of their annual receipts. But as you check out at a store or click "purchase" on your online shopping cart ...

Can we create an energy efficient Internet?

4 hours ago

With the number of Internet connected devices rapidly increasing, researchers from Melbourne are starting a new research program to reduce energy consumption of such devices.

Brain inspired data engineering

5 hours ago

What if next-generation ICT systems could be based on the brain's structure and its cognitive and adaptive processes? A groundbreaking paradigm of brain-inspired intelligent ICT architectures is being born.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.