RSS

Study Claims Many Network Attacks Preventable

David Utter
Staff Writer
2006-08-29

Insider Reports RSS Feed

But the study commissioned by Phoenix Technologies found that the worst cases of damage to organizations impacted by a network attack came from computers where attackers logged into accounts with elevated privileges.

Protect Your Network

The study conducted by Trusted Strategies for Phoenix Technologies claimed 84 percent of the attacks it researched "could have been prevented if the identity of the computers connecting were checked in addition to user IDs and passwords."

In the analysis of Department of Justice prosecutions between March 1999 and February 2006, the study detailed some key findings in these cases. On a case-by-case basis, average damages came to over $3 million, with the worst attacks causing as much as $10 million in damages.

When attackers could pilfer valid usernames and passwords for a network, they were able to inflict the most financial loss and damages. Those cases showed losses of more than $1.5 million per occurrence.

The big damages came when attackers struck through machines authorized to perform particular tasks, and an elevated user or administrator account could be used from those machines.

Despite the major news coverage of some worm and virus outbreaks, the study said losses from attacks using stolen login credentials far exceeded the effects of such malware. The $10 million case involved stolen information, which the attacker used to delete the victim company's sophisticated manufacturing software programs.

Government led the list of industries affected by such attacks, and represented 23 percent of the cases considered in the study. Retail and High Tech followed at 22 and 20 percent respectively, while the financial industry figured in 16 percent of the cases.

The study encouraged the use of credentialing methods beyond the simple username and password combination that has been a de facto security method for years. Verification of the computer's identity would have helped greatly, as 78 percent of the attacks studied began at the attacker's home computer.

That is not a foolproof method, though, since an authorized user may be using VPN software to access a system from home. If they have malicious intent and a valid login to a network, only the most rigorous and frequent auditing of user activity would catch some attacks before they can cause damage.

---
Tag: Network Security

Add to

Del.icio.us |

Digg |

Yahoo! My Web |

Furl

Get all the updates in RSS:

About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.

More insider_reports_insider Articles

Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Featured On:

article resources

WebProWorld.com

•	Get in-touch with industry experts and leaders
•	Post your site for review by expert and peers
•	Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com


Titan Quest Forum The #1 Titan Quest forum
Halo 3 Forum The best Halo, Halo 2, Halo 3 forum
Nintendo Wii Nintendo Wii news and views
Mac Software The best in OS X freeware
Graphics Forum Your source for graphic tutorials