Rogue devices behind majority of attacks, study shows

Bill Brenner

Simply paying attention to who is accessing their networks could help enterprises prevent the majority of attacks, a new study shows. The study, which looked at data from Department of Justice prosecutions from the last seven years, found that most of the attacks involved in those cases could have been stopped had the companies deployed systems to check the identity of the machines connecting to their networks.

Pleasanton, Calif.-based research firm Trusted Strategies sifted through DOJ records of cybercrimes between March 1999 and February 2006. The firm found that 84% of network attacks against companies probably wouldn't have happened had companies implemented device identification and authentication methods in addition to requiring user names and passwords.

"We found that most devices connecting to the network were unsanctioned by the company," said Trusted Strategies' Bill Bosen, who spent a year and a half studying Justice Department records. "If the companies had checked the individuals' devices as well as their identity before letting them connect, most of these crimes wouldn't have happened."

Most attacks in the last seven years involved stolen IDs and passwords, and companies suffered anywhere from $1.5 to $10 million in damage as a result, Bosen said.

The study also found that:

  • The average financial loss was more than $3 million per case
  • Although the global damages of viruses can be high, the average cost