custom ad
NewsApril 7, 2002

WASHINGTON -- Most large corporations and government agencies have been attacked by computer hackers, but they frequently do not inform authorities of the breaches, an FBI survey finds. The survey released Sunday found about 90 percent of respondents detected computer security breaches in the past year but only 34 percent reported those attacks to authorities...

By D. Ian Hopper, The Associated Press

WASHINGTON -- Most large corporations and government agencies have been attacked by computer hackers, but they frequently do not inform authorities of the breaches, an FBI survey finds.

The survey released Sunday found about 90 percent of respondents detected computer security breaches in the past year but only 34 percent reported those attacks to authorities.

Many respondents cited the fear of bad publicity about computer security.

"There is much more illegal and unauthorized activity going on in cyberspace than corporations admit to their clients, stockholders and business partners or report to law enforcement," said Patrice Rapalus, director of the Computer Security Institute, which conducted the survey with the FBI's San Francisco computer crime squad.

The seventh annual survey polled 503 American corporations, government agencies, financial and medical institutions and universities. The names of the organizations polled were not released.

Overall, there were more computer crimes than in last year's survey. But fewer victims reported crimes to police than in 2001, reversing a trend from earlier surveys.

Little incentive

A former Justice Department computer crimes prosecutor said there is frequently little incentive for a company to report computer attacks or crimes.

Receive Daily Headlines FREESign up today!

"It tends not to help their bottom line, but hurt their bottom line," Mark Rasch said. "What a company wants to do is solve the problem and move on."

When those companies are financial institutions or other parts of the nation's critical technology infrastructure, however, more than the company's bottom line is at stake.

The government is using partnership groups -- such as the FBI's InfraGard chapters in each field office -- to persuade companies to report the attacks directly to FBI agents without public disclosure.

"They need to use a mechanism to report these incidents and vulnerabilities broadly so they can be fixed, but won't be attributable back to them," Rasch said.

The survey respondents said they lost at least $455 million as a result of computer crime, compared with $377 million the previous year. In both surveys, only about half chose to quantify their losses.

The most serious monetary losses came from the theft of money or proprietary information, such as blueprints for computer programs, and fraud, such as failure to deliver services or equipment that have been paid for.

Despite concerns that foreign governments would begin using computer attacks as a method of terrorism or war, most attacks on American companies still come from individual hackers and disgruntled employees, the report said.

The survey also addresses the increasing frequency of attacks on Internet retailers.

Story Tags
Advertisement

Connect with the Southeast Missourian Newsroom:

For corrections to this story or other insights for the editor, click here. To submit a letter to the editor, click here. To learn about the Southeast Missourian’s AI Policy, click here.

Advertisement
Receive Daily Headlines FREESign up today!