Feds to conduct first cybercrime survey

The federal government will conduct a comprehensive survey beginning this month to create the first national baseline to measure the extent of cybercrime and its effect on businesses.

The National Computer Security Survey, which will be jointly conducted by the Justice Department’s Bureau of Justice Statistics and the Homeland Security Department’s National Cyber Security Division, will sample thousands of companies across 37 industries and run through the end of the year.

Officials plan to collect data about the nature and extent of computer security incidents, the costs of such incidents, types of offenders, reporting to authorities and the way businesses measure computer security, among other details.

Officials have said there is only anecdotal evidence to support decisions to fight cybercrime. The voluntary national survey will provide nationally representative scientific evidence to develop better policies to target resources against cyberattacks on the nation’s 5.3 million businesses.

The survey will be based on a 2001 questionnaire sent to 500 businesses. Of the 198 companies that responded to the questionnaire, 74 percent reported they were victims of a cybercrime, such as embezzlement, fraud or theft of proprietary information. According to the questionnaire, two-thirds of businesses reported being victimized by a computer virus at least once, one-fourth experienced denial-of-service attacks and one-fifth said their computer systems were vandalized or sabotaged.

The national survey will also be repeated every one to two years to track cybercrime trends. Participating companies will get information to compare themselves with other companies in their industry sector. However, the collected data itself will remain confidential.

Recently, a panel of federal cybersecurity experts at an industry-sponsored event said cybercriminals are driven more by profit than any other reason, which will fuel a rise in cyberattacks over the next year.