Device Identification Could Prevent Majority of Network Attacks: Report on DOJ Prosecutions

Business Wire, August 28, 2006

MILPITAS, Calif. -- DOJ Data Shows Stolen IDs and Passwords Cost Individual Organizations Up to $10 Million Per Occurrence, Far More than Viruses, Spyware, Trojans and Worms

Phoenix Technologies Ltd. (Nasdaq:PTEC) today announced the findings of a landmark study on Department of Justice network crime prosecutions that reveals most attacks used stolen IDs and passwords, resulting in far greater damages to affected organizations than previously thought: up to $10 million per occurrence and on average more than $1.5 million per occurrence. The report, "Network Attacks: Analysis of Department of Justice Prosecutions 1999-2006," concludes that 84 percent of attacks could have been prevented if, in addition to checking the user ID and password, the organization had verified the identity of the computer connecting to their networks and accounts.

Previous studies on the financial damage of computer crimes used surveys of affected organizations, leading to often-questionable data and conclusions about such crimes. This new study conducted by research and advisory firm Trusted Strategies analyzed data validated by the legal process of all cases prosecuted and publicly disclosed by the Department of Justice between March 1999 and February 2006.

Among the additional key findings of the study:

--Average financial loss was more than $3 million per case

--Although the global damages of viruses can be high, the average cost to an individual company from any single virus attack analyzed in this study was surprisingly low, at $2,382

--The crimes hit most sectors of the U.S. economy, including government, technology, online retail, financial services, communications, education, manufacturing and healthcare

--Attackers logging onto privileged user or administrator accounts where a small number of authorized computers were sanctioned to perform work caused the most damages

In 88 percent of the cases, the attacker logged onto one or more privileged user accounts. Criminals who accessed privileged accounts obtained IDs and passwords through many means, including network sniffing, use of password cracking programs, collusion with insiders and employees sharing their IDs and passwords with co-workers who later left the organization and used that knowledge to gain access.

The report concludes, "Network attacks could have been prevented in 84 percent of all cases if the organization had implemented device identification and authentication in addition to user ID and password protections. In other words, only requiring user IDs and passwords for network access to high-value information assets should no longer be considered adequate network security."

The report, "Network Attacks: Analysis of Department of Justice Prosecutions 1999-2006," can be downloaded at https://www.phoenix.com/cybercrime. Phoenix Technologies Ltd. commissioned the report.

About Phoenix Technologies Ltd.

Phoenix Technologies Ltd. (Nasdaq:PTEC) is a global market leader in device-defining software that assures endpoint confidence, from the start. The company first established dominant industry leadership 26 years ago with BIOS software, currently has over one billion products deployed and continues to ship in over 100 million new systems each year. From this unique foundation of core system level expertise and firmware offering the highest levels of reliability, Phoenix has created a portfolio of innovative software products that simply and easily identify and restore devices, thereby ensuring unparalleled endpoint security and availability.

With a focused commitment to the highest levels of customer confidence and satisfaction, Phoenix serves enterprise and government channel partners, ODMs, OEMs, system builders and ISVs by enabling them to decrease time to market, differentiate their products, create value, increase profits and lower cost of ownership. Phoenix is headquartered in Milpitas, California with offices worldwide in global business and technology centers. For more information, visit www.phoenix.com.