IP

Law Enforcement and Computer Security Discourse


How Big is Hacking?

It would be good to know how common hacking is, to be able to understand why the computer security discourse sees it as a large problem. Unfortunately figures vary widely and are hard to estimate with accuracy. In 1990, Sterling estimated that there were five thousand hackers, of which a couple hundred were "elite." Clough and Mungo (1992, ctd. in Jordan and Taylor) estimated two thousand "really dedicated, experienced, probably obsessed computer freaks" and up to ten thousand less dedicated ones. The primary in-print hacking magazine, 2600: The Hacker Quarterly, had under three thousand subscribers in 1990. With increasing access to computers and rapid growth in the Internet, hacking has undoubtedly grown since then.
Most corporations have problems with hacking, and it is likely increasing. The Computer Security Institute survey of over 500 companies, banks, universities and government agencies showed 64% having a problem with hacking in 1997 (with ¾ of the attacks causing a financial loss), compared to 48% in 1996 (ctd. in Van Slambrouck). Military targets are especially popular. According to the General Accounting Office, the Department of Defense was attacked as many as 250,000 times in 1995. Taylor’s 1993 survey of 200 organizations found 64.5% had been hacked, 18.5% only had a virus (probably introduced unintentionally), and 17% had no known activity (ctd. in Taylor and Jordan). He argued that hacking was likely underestimated in surveys, as companies do not realize or do not want to admit that their security is lacking. A 1996 WarRoom survey of 236 organizations found that during the past year 58% had been hacked, 29.8% did not know, and 12.2% had no attacks (ctd. in Taylor and Jordan).
The increase in website hacking, as documented by www.attrition.org, is obviously exponential:

Year       Number of website defacements
1995       4
1996       18
1997       39
1998       194
1999       1905 (for the year up until 09/01/99)

The financial loss is also very hard to quantify but is estimated in the billions. Estimates from computer or telco (telephone company) security companies are often biased upwards. In congressional testimony, Mr. Haugh, who works for a private telco consultation firm, estimated telephone fraud at $4 to $5 billion in 1993. Peter Tippet, of Symantec Corporation, testified that the cost of viruses to companies was $1 billion between 1990 and 1993 and rapidly growing.
