Computer Crime and Security Survey

The survey found that:

• 25% of respondents detected system penetration from the outside.
• 27% of respondents detected denial of service attacks.
• 79% detected employee abuse of Internet access privileges (for example, downloading pornography or pirated software, or inappropriate use of e-mail systems).
• 85% detected computer viruses.
• Regarding electronic commerce:
  • 93% of respondents have WWW sites.
  • 43% conduct electronic commerce on their sites (in 1999, only it was only 30%).
  • 19% suffered unauthorized access or misuse within the last twelve months.
  • 32% said that they didn't know if there had been unauthorized access or misuse.
  • 35% of those acknowledging attack, reported from two to five incidents.
  • 19% reported ten or more incidents.
  • 64% of those acknowledging an attack reported Web-site vandalism.
  • 60% reported denial of service.
  • 8% reported theft of transaction information.
  • 3% reported financial fraud.

In terms of security procedures in place to address the above concerns, the survey revealed the following:

• 90% of respondents (primarily large corporations and government agencies) detected computer security breaches within the last twelve months.
• 70% reported a variety of serious computer security breaches other than the most common ones of computer viruses, laptop theft or employee "net abuse"--for example, theft of proprietary information, financial fraud, system penetration from outsiders, denial of service attacks and sabotage of data or networks.
• 74% acknowledged financial losses due to computer breaches.
• 42% were willing and/or able to quantify their financial losses. The losses from these 273 respondents totaled $265,589,940 (the average annual total over the last three years was $120,240,180).

[Next] | [Prev] | [Top]