Crime Report
Essay by review • November 30, 2010 • Case Study • 5,469 Words (22 Pages) • 2,366 Views
"The 2005 FBI Computer Crime Survey should serve as a wake up call to every company in America."
Frank Abagnale * Author and subject of 'Catch Me if You Can' * Abagnale and Associates
"This computer security survey eclipses any other that I have ever seen. After reading it, everyone
should realize the importance of establishing a proactive information security program."
Kevin Mitnick * Author, Public Speaker, Consultant, and Former Computer Hacker * Mitnick Security Consulting
2005 FBI
Computer Crime Survey
www.fbi.gov/publications/ccs2005.pdf
Introduction 1
Key Findings 1
About the Questions 2
About the Recipients/Respondent . 2
About the Methodology 2
Survey Results . 3-15
About the Analysis . 16
Using the Survey Statistics/Content . . . . . . . . . . . . . . . 16
About the Contributors . 17
Contact Information 17
Table of Contents
2005 FBI Computer Crime Survey
The 2005 FBI Computer Crime Survey addresses one of the highest priorities in the
Federal Bureau of Investigation. These survey results are based on the responses of
2066 organizations. The purpose of this survey is to gain an accurate understanding
of what computer security incidents are being experienced by the full spectrum of
sizes and types of organizations within the United States. The 23-question survey
addressed a wide variety of issues including: computer security technologies used,
security incident types, and actions taken, as well as emerging technologies and trends
such as wireless and biometrics. The survey was conducted in four states including
Iowa, Nebraska, New York, and Texas and was performed by the corresponding FBI
offices in those areas. The survey was conducted in such a way that recipients could
respond anonymously.
This survey is not to be confused with the CSI/FBI Computer Crime and Security
Survey, which has been conducted for several years, and has a somewhat different
focus, method, and restricted number of respondents.
KEY FINDINGS:
* There are a variety of computer security technologies that organizations are increasingly investing
in to combat the relentless, evolving, sophisticated threats, both internal and external. Despite
these efforts, well over 5,000 computer security incidents were reported with 87% of respondents
experiencing some type of incident.
* In many of the responding organizations, a common theme of frustration existed with the nonstop
barrage of viruses, Trojans, worms, and spyware.
* Although the usage of antivirus, antispyware, firewalls, and antispam software is almost
universal among the survey respondents, many computer security threats came from within the
organizations.
* Of the intrusion attempts that appeared to have come from outside the organizations, the most
common countries of origin appeared to be United States, China, Nigeria, Korea, Germany,
Russia, and Romania.
* An overwhelming 91% of organizations that reported computer security incidents to law
enforcement were satisfied with the response of law enforcement.
* Almost 90% of respondents were not familiar with the InfraGard (www.infragard.net) organization
that is a joint effort by the FBI and industry to educate and share information related to threats to
U.S. infrastructure.
* The survey respondents were very interested in being better informed on how to prevent computer
crimes. Over 75% of respondents voiced a desire to attend an informational session hosted by
their local FBI office.
DETAILED FINDINGS:
About the Questions:
The 2005 FBI Computer Crime Survey is unique in that the questions were compiled based on input
from a large number and variety of organizations. Input for the questions was provided by both a large
number of Special Agent computer intrusion investigators, supervisors, and Investigative Analysts
within the FBI, as well as a variety of computer security professionals within the computer security
and digital forensics communities. For the purposes of this survey, Computer Security Incident is
defined as: Any real or suspected adverse event in relation to the security of computer systems or
computer networks.
About the Recipients/Respondents:
Approximately 24,000 organizations received the 2005 FBI Computer Crime Survey. These recipients
were from 430 different cities (with populations ranging from less than 1,000 to New York City, with a
population of more than 8 million) from four states: Iowa, Nebraska, New York and Texas.
About The Methodology:
...
...