Cyber incidents affecting government information systems rose by 39 percent to 41,776 in fiscal year 2010, which ended Sept. 30, according to a new report from the Office of Management and Budget.
OMB's annual report to Congress also revealed that phishing represented more than half of the 107,439 cyber incidents compiled by the United States Computer Emergency Readiness Team for FY2010 from federal, state and local governments, commercial enterprises, American citizens and foreign CERT teams. Thirty-nine percent of the incidents came from the federal government. "Malicious code through multiple means (e.g., phishing, virus, logic bomb) continues to be the most widely used attack approach," the report said. Among federal agencies, 31 percent of cyber incidents last year involved malicious code. Unauthorized access represented nearly 14 percent of reported incidents; improper usage, 17 percent; scans, probes and attempted access, 27 percent; and denial of service, 0.1 percent. More than 27 percent of federal incidents were categorized as under investigation or other. Here's the breakdown of the 107,439 incidents reported to U.S.-CERT in FY2010: Phishing: 56,579 incidents, 52.7 percent of incidents. Virus/Trojan/worm/logic bomb: 11,001, 10.2 percent Malicious website: 7,971, 7.4 percent Non-cyber: 7,741, 7.2 percent Policy violation: 6,888, 6.4 percent Equipment theft/loss: 5,395, 5 percent Suspicious network activity: 3,121, 2.9 percent Attempted access: 2,712, 2.5 percent Social engineering: 1,571, 1.5 percent The original report can be downloaded from here: http://www.whitehouse.gov/sites/default/files/omb/assets/egov_docs/FY10_FISMA.pdf -- You received this message because you are subscribed to the Google Groups "nforceit" group. To post to this group, send an email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/nforceit?hl=en-GB.
