Device Identification Can Thwart Stolen-Password Attacks
Phoenix Technologies has announced the findings of a study on Department of Justice network crime prosecutions that reveals most attacks used stolen IDs and passwords, resulting in far greater damages to affected organisations than previously thought: up to USD10 million per occurrence, and on average more than USD1.5 million per occurrence.
The report, "Network Attacks: Analysis of Department of Justice Prosecutions 1999-2006," concludes that eighty-four percent of serious network attacks could have been prevented if, in addition to checking the user ID and password, the organisation had verified the identity of the computer connecting to their networks and accounts.
"The findings were similar to other reports, but we also looked at how the intruder came in, what kind of computer he was using, who owned that computer and what was the relationship of that computer to the organisation," said Bill Bosen, co-founder of Trusted Strategies and author of the report "Network Attacks: Analysis of Department of Justice Prosecutions 1999-2006." "What we found was that 80% of the attacks were coming from home computers that had no relationship to the organisation at all."
Bosen said these crimes could have been prevented if the organisation had checked the computer's identification and authentication as well as user IDs during log-on.
"[The findings] are consistent with my own work," said Rob Enderle, an analyst at Enderle Group in San Jose. "Historically, while virus attacks and malware tend to get the press largely because a single attack can cover a lot of companies, at the individual company level, targeted attacks from amateurs are often vastly more damaging, and that's what the study concluded. We have known for two decades now that passwords are an inadequate way to secure resources, yet we still use that as the primary method to identify users."