Incidents of unauthorized use of computer systems declined in the past year, continuing a trend that began in 2001, according to a survey just released by the Computer Security Institute and FBI.
Just 53 percent of the 494 U.S. computer security practitioners acknowledge the unauthorized use of a computer in their organization in the last 12 months, the smallest percentage recorded since 1999, The 2004 Computer Crime and Security Survey was conducted by CSI with the FBI's Computer Intrusion Squad in San Francisco.
It also found that denial of service (DoS) attacks were the most costly for organizations and that fewer organizations are reporting computer intrusions to law enforcement.
The survey polls security experts in U.S. corporations, government agencies, universities, financial and medical institutions about a wide range of security issues. This is the ninth year that CSI and the FBI have released the survey.
In addition to a decrease in unauthorized access to computer systems, the number of respondents who said there was no unauthorized access to a computer in their organization increased in the last year to 35 percent, and only 11 percent of those polled said they did not know if there was any unauthorized use of a machine.
New questions in this year's survey revealed that 15 percent of respondents reported that wireless networks at their organization had been abused and 10 percent experienced the misuse of public Web applications, according to the survey.
DoS attacks were, by far, the most costly, when measured in dollars, according to the survey. The total losses from DoS attacks in the last 12 months was reported to be $26 million by those responding to the survey. Theft of proprietary information was the next most costly type of attack, with $11.4 million in total losses reported, the survey says.
Total losses due to the top 12 kinds of security incidents for the last 12 months were $141.4 million, according to the survey.
The CSI-FBI poll follows another, similar survey by CSO magazine, the results of which were released earlier this week.
That survey, of 476 chief security officers (CSOs) and senior security executives, finds 15 percent of those responding say their employer lost or had critical documents or corporate information copied without authorization in the last year. Almost one quarter of those responding to the CSO survey said they could not be sure whether such losses had occurred at their company.