Cybercrime threats posed to targeted organizations are increasing faster than many organizations can combat them. Moreover, a new survey suggests the threat of cybercrime is heightened by current security models that are only minimally effective against cyber criminals.
More than 500 respondents, including business and government executives, professionals and consultants, participated in the survey. The survey is a cooperative effort of CSO, the U.S. Secret Service, Software Engineering Institute CERT Program at Carnegie Mellon University and Deloitte’s Center for Security & Privacy Solutions.
Repeat offense on the rise
The 2010 CyberSecurity Watch Survey uncovered a drop in victims of cybercrimes (60% vs. 66% in 2007); however, the affected organizations have experienced significantly more attacks than in previous years.
Between August 2008 and July 2009 more than one third (37%) of respondents experienced an increase in cybercrimes compared to the previous year. While outsiders (those without authorized access to network systems and data) are the main culprits of cybercrime in general, the most costly or damaging attacks are more often caused by insiders (employees or contractors with authorized access). One quarter of all cybercrime attacks were committed by an unknown source.
“It is alarming that although most of the top 15 security policies and procedures from the survey are aimed at preventing insider attacks, 51% of respondents who experienced a cyber security event were still victims of an insider attack. This number is holding constant with the previous two surveys (2007 and 2006),” said Dawn Cappelli, technical manager of the Threat and Incident Management Group at CERT. “Insider incidents are more costly than external breaches, according to 67% of respondents. CERT has been working with government and industry leaders to develop recommendations for new solutions to this problem using commercial and open source tools, and invite organizations to share their insights with us.”
Security budgets soar
Although the number of incidents rose, the ramifications have not been as severe. Since 2007, when the last cybercrime survey was conducted, the average monetary value of losses resulting from cybercrimes declined by 10%. This can likely be attributed to an increase in both IT security spending (42%) and corporate/physical security spending (86%) over the past two years.
“The Secret Service’s international network of 29 Electronic Crimes Task Forces continuously monitors trends in cybercrime and the impact that this type of criminal activity has on various organizations and the American public,” said assistant director Michael Merritt of the U.S. Secret Service. “The aggressive proactive approach of combining resources with international, federal, state, and local law enforcement partners, the private sector, and academia through our Electronic Crimes Task Forces has proven to be a very effective tool in combating the transnational cyber criminal organizations that are currently targeting the U.S. financial infrastructure. This collaborative approach has been so successful that in 2009, our Electronic Crimes Task Forces led the investigation into two of the largest data breach cases ever prosecuted in the United States.”
As technology advances, so do the methods to commit cybercrimes. Outsiders invade organizations with viruses, worms or other malicious code, phishing and spyware, while insiders most commonly expose private or sensitive information unintentionally, gain unauthorized access to/use of information systems or networks and steal intellectual property.
The survey finds that insiders most often use their laptops or copy information to mobile devices as a means to commit electronic crimes against their organization. The survey uncovered the fact that data is often downloaded to home computers or sent outside the business via email. This may lead to damaged organizational reputations and may put organizations in violation of state or federal data protection laws.