Cyberattacks, computer abuse still rising

Federal information technology officials reported a significant increase in cyber attacks and unauthorised use of computers by federal employees last year, according to a report on computer security released this month.

Seventy per cent of federal agencies responding to a survey compiled by the San Francisco-based Computer Security Institute and the FBI said they had been victims of unauthorised use of computer systems in 1998, up from 61 per cent in 1997.

The survey included more than 500 private-sector and public-sector organisations. Although only 40 of the participants represented federal agencies, CSI officials view the results as a fair cross-section of federal security problems. "It's just a snapshot of some of the kinds of problems that federal government agencies are facing," said Richard Power, editorial director for CSI.

More than half of the federal agencies surveyed said independent hackers and disgruntled federal employees were the most likely sources of computer attacks and abuses. Data or network sabotage is one type of attack becoming more common, according to the report. In 1998, 23 per cent of the federal agencies surveyed said they had been the victims of data or network sabotage, up from 10 per cent in 1997. For the entire survey, only 17 per cent of organisations reported sabotage.

Also, insider abuse of Internet access remains a pervasive problem for agencies, according to the survey. Specifically, 78 per cent of federal respondents said federal employees used the Internet in an unauthorised manner.

Some agencies may not have considered insider abuse of Internet access an "unauthorised use of computer systems", Power said, explaining why the percentage reporting Internet abuse exceeds the 70 per cent who reported unauthorised systems use.

As far as intrusions of agencies' World Wide Web sites, 30 per cent of agencies surveyed said they did not know whether their sites had been attacked or misused in 1998. "That's a very troublesome figure," Power said. "But to say you don't know means you don't have adequate staff and adequate tools" to find out.

The survey also showed that federal agencies are more likely to report computer intrusions to law enforcement agencies, such as the FBI, than are their private-sector counterparts. While only 32 per cent of all organisations surveyed said they reported intrusions to law enforcement, 43 per cent of federal agencies surveyed said they had reported attacks to authorities. Last year, only 34 per cent of federal respondents said they had contacted law enforcement after a computer intrusion.

Federal IT security officials believe government agencies are more likely to report cyber attacks and computer misuse because IT security in the federal arena has received significant attention.

"We believe that it's the heightened awareness of the federal agencies that has resulted in an increase of reports," said Judith Spencer, director of the Centre for Government-wide Security at the General Services Administration and manager of the Federal Computer Incident Response Capability program.

But determining when a computer intrusion has occurred still remains a challenge for many agencies.

"We do feel pretty confident that lots of incidents happen that don't get reported, that don't even get noticed," said Shawn Hernan, leader of CERT Coordination Centre's Vulnerability Handling Team at the Software Engineering Institute, a Defense Department-funded organisation at Carnegie Mellon University.

Join the newsletter!

Error: Please check your email address.

More about Carnegie Mellon University AustraliaCERT AustraliaComputer Security InstituteFBIFederal Computer Incident Response CapabilityMellon

Show Comments