computerwoche.de

Archiv

Study: Device ID could stop stolen-password attacks

01.09.2006
Eighty-four percent of serious network attacks could have been prevented if, in addition to checking user ID and password, organizations had verified the identity of the computer connecting to their networks, according to a report by research firm Trusted Strategies LLC in Pleasanton, Calif. That report, commissioned by BIOS maker Phoenix Technologies Ltd. in Milpitas, Calif., only covers cases where companies reported the incidents and federal officials were able to charge someone with a crime.

Among such cases, attacks that used stolen IDs and passwords caused greater damage than previously thought, said Bill Bosen, co-founder of Trusted Strategies and author the report, "Network Attacks: Analysis of Department of Justice Prosecutions 1999-2006."

The study analyzed data from all cases prosecuted and publicly disclosed by the Department of Justice between March 1999 and February 2006, Bosen said.

"We took the records from the Department of Justice after they had been through the legal system so we're very excited about the quality of the data," he said. "The data from this survey had been through the actual judicial process and there had been a lot of scrutiny."

Bosen said some of the report's findings were unexpected. For example, financial losses from attacks with stolen passwords far exceeded damages from worms, viruses and other methods, according to those cases prosecuted by the Justice Department.

Bosen said the average cost to an organization when privileged accounts were penetrated was more than US$1.5 million, compared to $2,400 for any single virus attack.