Did you know that the Bush administration is pushing to spend $6 billion on cyber security in 2008? (Wall Street Journal)
Would you like to know why? If so read the facts below.
Did you know that AL QAEDA'S top cyber terrorist used phishing schemes and other cyber attacks to steal credit card accounts and buy $3 million worth of terrorist equipment? (FBI)
Did you realize that in the past minute over 5,000 significant incidents were reported to HackerWatch.org? (Hackerwatch.org)
Did you realize that the financial impact of computer viruses in 2005 was over $14 billion and continues to grow? (Computer Economics)
Did you know the busiest day of the week for vulnerability disclosures continued to be Tuesday with 1,361 new vulnerabilities disclosed on this day of the week in 2007? (IBM)
Did you know that nearly 90 percent of all the 2007 vulnerabilities could be remotely exploited? (IBM)
Did you know there was a new software vulnerability reported every 82 minutes? (CERT)
Did you know that Symantec recorded an average of 5,213 denial of service (DoS) attacks per day in the second half of 2006? (Symantec)
Did you know that in 2006 of the individuals who reported hard dollar losses the largest median losses were from the Nigerian letter fraud ($5,100) followed by check fraud ($3,744) and other investment fraud ($2,695). (Internet Computer Complaint Center)
Did you know that only about 1% of users follow corporate data and computer security policies? (Absolute Software Research Survey)
Did you know that 27% believe their company has experienced a data security breach? (Absolute Software Research Survey)
Did you know that so far this year there have been 44 corporate and governmental data breaches (reported)? That is about 1 per day when I collected this data. (Privacy Clearing House)
Did you know that all three branches of the military have cyber warfare /information warfare units, including: Navy Network Warfare Command; Air Force U.S. Cyber Command; Army - TRADOC G2.
Did you know that in a two week period five cables were severed in various parts of the Mediterranean Sea, leading to large scale disruption of the Internet and telecom services in the Middle East and parts of Southeast Asia. Two of the five cables were cut in two different places. (Reuters)
Did you know that organized crime has used the internet for criminal activity for some time. Recently, (2 years ago) there has been a huge increase in mob based attack sophistication that has moved organized crime over the internet from an irritation to a serious problem. (IT Security)
After reading the above information, how could anyone dismiss the threats we face in cyberspace? Yet some do, and some on here think I am overstating the threat. It has been my experience the one of the biggest security threats to an organization is the attitude of their Chief Security Officer. Most of the individuals I work with wake up every morning and ask themselves three questions.
1. What has happened that I dont know about?
2. What do I need to know that I dont?
3. Who are my new adversaries today?
The I know everything attitude of many of these individuals, increase the risk of a successful attack significantly. I was in one such meeting in the DC area where the CSO actually stated, I have it all under control yet they have lost three laptops in about a year and none of the hard drives were encrypted. And they contained sensitive data.
Consider this point: if the information provided here is publically available, what do you think the threat looks like to those of us with security clearances and who work in the area of international cyber warfare and attacks? You can be sure it is not better looking.