FBI: Security Improving but Threats Rising

Jan 20, 2006

Despite improving security, organizations in the U.S. are facing a barrage of electronic assaults, ranging from nuisances such as spyware and viruses through sophisticated hacking attempts staged outside the country, the Federal Bureau of Investigation (FBI) reported in its 2005 FBI Computer Crime Survey.

Of the 2,066 organizations with more than US$1 million in annual revenue surveyed, 87 percent reported some type of computer security breach within a year, ranging from internal theft to viruses to Web site defacement, the FBI reported. The 23-question survey was distributed to organizations in 430 cities in the states of Iowa, Nebraska, New York and Texas.

IT managers and system administrators reported spyware and viruses were the most common problem, followed by port scans, sabotage of data or networks, and then adult pornography. While not necessarily illegal, adult pornography is against the policy of most organizations, the study noted.

Many organizations were able to trace where intrusion attempts originated, and more than 50 percent of hacking attempts came from within the U.S. and from China. But hackers use computers that are under their control yet located in other countries, combined with proxies, to make detection more difficult.

The FBI said a Romanian hacker could use a proxy computer in China to gain access to a compromised computer in the U.S., leading to a false conclusion that the attack originated in the U.S.

“Difficulty tracking IP (Internet Protocol) addresses and prosecution in China combined with other economic, military and political concerns make this an unusually troubling statistic, especially when considering the potential impact of industrial espionage and state-sponsored cyberwarfare efforts,” the survey said.

Organizations sustained noteworthy losses related to computer security. Slightly more than 64 percent of those surveyed said computer security incidents caused them to lose money. The FBI calculated an average loss of $24,000 for the 1,324 companies that suffered a loss.

Antivirus software is widely used, and most organizations also have firewalls in place, the survey said. But 44 percent reported that intrusions came from within their own organizations, and “this is a strong indicator that internal controls are extremely important and should not be underemphasized while concentrating efforts on deterring outside hackers,” the FBI said.

Nearly two-thirds of those surveyed had implemented event logging on their network, a measure the FBI said is a crucial element in tracking crime. And half of those stored the logs on a remote protected server. Federal agencies, legal and manufacturing organizations were most likely to log.

However, 38 percent did not have their logging capabilities activated, with utility companies scoring as the least likely to have the feature turned on, the FBI said.

By Jeremy Kirk – IDG News Service (London Bureau)