FBI Cyber Attack data - Interesting stuff
Among the key findings:
§ Frequency of attacks. Nearly nine out of 10 organizations experienced computer security incidents in a year's time; 20% of them indicated they had experienced 20 or more attacks.
§ Types of attacks. Viruses (83.7%) and spyware (79.5%) headed the list. More than one in five organizations said they experienced port scans and network or data sabotage.
§ Financial impact. Over 64% of the respondents incurred a loss. Viruses and worms cost the most, accounting for $12 million of the $32 million in total losses.
§ Sources of the attacks. They came from 36 different countries. The U.S. (26.1%) and China (23.9%) were the source of over half of the intrusion attempts, though masking technologies make it difficult to get an accurate reading.
§ Defenses. Most said they installed new security updates and software following incidents, but advanced security techniques such as biometrics (4%) and smart cards (7%) were used infrequently. In addition, 44% reported intrusions from within their own organizations, suggesting the need for strong internal controls.
§ Reporting. Just 9% said they reported incidents to law enforcement, believing the infractions were not illegal or that there was little law enforcement could or would do. Of those reporting, however, 91% were satisfied with law enforcement's response.
And 81% said they'd report future incidents to the FBI or other law enforcement agencies. Many also said they were unaware of InfraGard, a joint FBI/private sector initiative that battles computer crimes and other threats through information sharing.