Australia losing tech crime war

Australia losing tech crime war

Despite the growing awareness of computer crime and IT security breaches, instances of both continue to blight corporate and home computer users in 2003.

That is among the findings of the 2003 Australian Computer Crime and Security Survey, produced jointly by AusCERT (Australian Computer Emergency Response Team), the Australian Federal Police and the forces in Queensland, WA and South Australia, which reveals that computer hacking is rampant in Australia.

In spite of the widespread use of anti-virus software and the implementation of policies to develop controls against malicious software, 80 per cent of respondent organisations were infected with a virus, worm or trojan, with 57 per cent suffering financial loss as a result.

Total losses for 2003 are estimated to be around $12 million, more than double the amount lost in 2002, although with the majority of IT security incidents not reported to police, the real figure could be much greater.

A continuing shift towards externally-sourced harmful attacks and fewer internally-sourced harmful attacks was uncovered in the findings. Of those who experienced attacks which harmed data confidentiality, integrity or availability, 91 per cent experienced externally sourced attacks, with just 31 per cent experiencing internally-sourced attacks.

AusCERT general manager Graham Ingram said the results of the survey illustrated that most organisations still have not got to grips with managing issues pertaining to the protection of their information systems.

"The fact that greater numbers are reporting harmful externally-sourced attacks and fewer are reporting internally-sourced attacks simply means that with increased connectivity and exposure to the Internet, the opportunities for external attacks are occurring at a faster rate."

So what can be done to reduce such attacks? Ingram added: "Organisations need to ensure they are able to operate their information systems securely prior to connecting to the Internet. In some cases, it is clear that organisations aren't aware of some relatively basic security issues and have paid dearly."

Alastair MacGibbon, director of the Australian High Tech Crime Centre, said the survey armed the police with a very useful analytical tool to uncover the level, nature and complexity of IT security incidents in Australia and the subsequent damage caused by them.

"(The survey) compliments the broader crime statistics collected by Governments – which often miss the Internet component to crimes – and allows us to focus on one key aspect of the broader e-crime environment."

Related Article:

EDS extends contract with Australian Taxation Office

Business Solution: