Even before the Internet, computer security was a problem. In the 1986 movie War Games, we saw a young Matthew Broderick hacking his way into the computer that controls the U.S.' nuclear command and control. Today's hackers are the phone freakers of the 1980s, emulating telephone noises to obtain free long-distance calls. Viruses and worms have been part of the background noise of cyberspace since its earliest days. So what's new?
Well, the numbers tell the tale. In 2000, there were 21,000 reported virus incidents. Three years later, the number was more than six times higher. In 2002, the worldwide cost of worms and viruses was estimated at $45 billion; August 2003 alone saw costs of almost the same magnitude, while the annual cost will rise 300% year over year. Twenty-seven million Americans have been the victims of identity theft in the past five years, but one-third of that total were victimized in the past 12 months. Patches to correct the kind of commercial-software vulnerabilities that hackers target most frequently were once issued at a rate of maybe 10 per month. In 2002, they appeared at a rate of dozens per week. And in 2003, worms that used to take several days to travel around the globe spread to more than 300,000 systems on six continents in less than 15 minutes from launch.
The implications are huge for corporate America. Five years ago, U.S. corporations spent 2% to 3% of their IT budgets on security; now that portion is roughly 8% to 12% (see chart at left). And the worst is, it hasn't helped. In recent months, even the most security-aware companies have been victimized. These include airlines, large banks, electric utilities, investment houses, railroads, and other critical infrastructure enterprises that have developed IT security policies and spent lavishly on defensive technologies.
The link for this article located at SecurityPipeline is no longer available.