TechTarget

ID theft can cost businesses $10m a hit

Attacks on computer networks using stolen user IDs and passwords can cause up to $10m (£5.27m) damage a time, an analysis of criminal prosecutions has revealed.

Attacks on computer networks using stolen user IDs and passwords can cause up to $10m (£5.27m) damage a time, an analysis of criminal prosecutions has revealed.

The study of attacks on computer networks prosecuted by the US Justice Department between 1999 and 2006 found that most attacks used stolen IDs and passwords.

The financial damage caused to organisations hit by the network criminals averaged more than $1.5m for each occurrence, with losses in the worst cases going up to $10m.

But the attacks could have been prevented in 84% of cases if device identification and authentication had been used in addition to user ID and passwords, the research commissioned by Phoenix Technologies from analyst firm Trusted Strategies found.

In 88% of cases, attackers had logged onto one or more privileged user accounts, using IDs and passwords obtained through password cracking programs, collusion with company insiders and other methods.

The report says, “Network attacks could have been prevented in 84% of all cases if the organisation had implemented protections. In other words, only requiring user IDs and passwords for network access to high-value information assets should no longer be considered adequate network security.”

 

Vote for your IT greats

Who have been the most influential people in IT in the past 40 years? The greatest organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?

Vote now at: www.computerweekly.com/ITgreats

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close