FBI Says Attacks Succeeding Despite Security Investments

A new survey by the FBI has found that despite investing in a number of security technologies, companies are still continuing to fall victim to network attacks and many of those attacks are going unreported.

According to an article by Bill Brenner on the SearchSecurity.com website, the 2005 FBI Computer Crime Survey was released last week and found that security software and hardware “failed to prevent more than 5,000 incidents among those surveyed,” Brenner says.

The survey also found that 87 percent of respondents said they experienced some type of incident in the past year, with a common point of frustration being the nonstop barrage of viruses, Trojans, worms and spyware.

Almost all respondents to the survey use antivirus, antispyware, firewalls and antispam software to protect themselves from attack, but that “apparently did little to stop malicious insiders,” Brenner says.

“I continue to be surprised, not at the variety of incidents, but at the magnitude of flaws in deployed systems and the subsequent attacks and losses, all of which are accepted as business as usual,” Eugene Spafford, a computer science professor at Purdue University, advisor to presidents Bill Clinton and George W. Bush and director of the Center for Education and Research in Information Assurance and Security (CERIAS), said in the survey report. “So long as we continue to apply patches and spot defenses to existing problems, the overall situation will continue to deteriorate. Without a significant increase in focus and funding for both long-term cybersecurity research and more effective law enforcement, we can only expect more incidents and greater losses year after year.”