70% of attacks come from internal company
Rich Brewer of International Data Corp. (IDC) commented during Directions '99 that "the perception is that most hack attacks come from political activities and professional industrial thieves, but the reality is that approximately 70 percent of attacks come from within a company. Most security breaches are committed through a bunch of holes, enabling hackers to steal assets and, more important, ideas."[Managing a Network Vulnerability Assessment, Thomas R. Peltier, Justin Peltier and John A. Blackley ]
"Hackers are benefiting from a company's silence," Brewer said, adding that "according to the FBI, fewer than 3 percent of hack attacks were detected last year, and out of those, fewer than 1 percent were reported to the FBI." To defend against hack attacks, "products alone can't save" companies. Companies will have to look at all options: security consulting and implementation; managed firewalls; an intrusion, detection, and response operation; and hacker insurance.
In 1998, a disgruntled programmer at defense contractor Omega Engineering Corp. set off a digital bomb, destroying $10 million in data.
A temporary employee working as a computer technician at Forbes Magazine was charged with crashing the company's network and causing more than $100,000 in damage.