新聞稿: 2012年10月11日
主題: 創新科技

HP 研究顯示網絡犯罪造成之損失上升接近四成、攻擊次數倍增

智能保安解決方案對減輕影響至關重要
» English


瀏覽大圖

香港,2012年10月11日 — HP今天發佈最新調查,反映網絡犯罪導致的損失及其頻率均連續第三年上升。

根據對美國企業的第三次年度研究顯示,網絡攻擊在過去三年期間上升一倍以上,所造成的經濟影響已增加接近四成(1)

由HP贊助Ponemon Institute進行的2012年網絡犯罪損失研究(2012 Cost of Cyber Crime Study)發現,美國機構的一個基準樣本平均每年因網絡犯罪引致之損失為890萬美元,較2011年據報之平均損失上升6%,並較2010年上升38%。2012年的研究亦顯示機構平均每週遭成功攻擊102次對比於2011年每週72次及2010年每週50次,網絡攻擊的次數增加42%。

HP企業安全產品部全球產品及解決方案市務副總裁Michael Callahan表示:機構正花費越來越多的時間 金錢和精力處理網絡攻擊,情況即將變得難以持續。有明確的證據顯示部署先進的智能保安解決方案有助顯著減低這些攻擊所造成的損失次數影響。」

代價最高的網絡犯罪持續是源於惡意代碼、拒絕服務、設備遭盜竊或騎刧,以及遭惡意內幕人的攻擊;這些結合起來佔每間機構每年的網絡犯罪損失逾78%。其他重要調查結果包括:

  • 資訊盜竊及業務中斷繼續成為最高的外在損失。按年計算,資訊盜竊佔總外在損失44%,較2011年增加4%。業務中斷或失去生產力則佔外在損失30%,較2011年增加1%。
  • 部署先進的智能保安解決方案能減輕網絡攻擊的影響。機構部署安全資訊及事故管理(security information and event management, SIEM)解決方案每年可節省接近160萬美元的花費。相對沒有部署SIEM解決方案的機構,這些機構的復原、偵測及圍堵成本顯著較低。
  • 若不盡快解決,網絡攻擊可造成嚴重損失。根據今年的研究,解決一宗網絡攻擊平均需時24天,但可長達50天。在這24天期間所涉及的平均損失為US$591,780,較去年平均18天的解決時間所估計的US$415,748平均損失增加42%。
  • 復原及偵測依然是與網絡犯罪相關內部活動的最高昂代價。按年計算,這些活動佔差不多一半的總內部損失;營運開支及人手佔總數的大部份。

Ponemon Institute主席兼創辦人Larry Ponemon博士表示:這項基準研究旨在量化網絡攻擊的經濟影響及經過一段時間觀察損失的走勢。我們相信對網絡 犯罪損失有更佳的了解,可協助機構決定合適的投資數目及所需資源,以防止或減輕攻擊所造成的災難性後果。」

連同該項對美國企業的第三次年度研究,網絡犯罪損失研究亦於澳洲、德國、日本及英國進行。HP將主辦一連串的網絡研討會,以展示這些研究的發現。以美國為重點的網絡研討會於11月7日舉行。有關是次網絡研討會及在其他地區舉行之同類活動的額外資訊,可瀏覽 www.hpenterprisesecurity.com/ponemon-cost-of-cyber-crime/

HP 正透過HP智能保安平台(HP Security Intelligence platform) 改變企業保安之形勢。方案特別利用先進的威脅研究,以及安全事故與漏洞的強大相關性,提供涵蓋IT營運、應用程式及基礎架構的智能保安。

有關HP企業安全解決方案的額外資訊,可瀏覽www.hpenterprisesecurity.com/solutions

HP的主要歐洲、中東及非洲客戶活動 – HP Discover – 將於2012年12月4日至6日在德國法蘭克福舉行。


(1) Ponemon Institute專門從事field-based研究,涉及高層人士的訪問及搜集真實網絡犯罪事故的詳情。這項研究最終完成了56間位於美國的機構之個案研究。當中許多機構均屬跨國公司。

媒體聯絡人

HP 簡介

HP以科技開拓新視野,為個人用戶、企業、政府機構及社會作出有意義的貢獻。HP擁有最廣泛的科技產品組合,涵蓋打印、個人電腦、軟件、服務及IT基礎架構,為全球客戶提供解決方案,協助客戶應對最複雜的挑戰。欲取得更多有關HP(紐約證交所上市代號:HPQ)的資訊,請瀏覽網址http://www.hp.com.hk

Microsoft is a U.S. registered trademark of the Microsoft group of companies.

This news release contains forward-looking statements that involve risks, uncertainties and assumptions. If such risks or uncertainties materialize or such assumptions prove incorrect, the results of HP and its consolidated subsidiaries could differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including but not limited to statements of the plans, strategies and objectives of management for future operations; any statements concerning expected development, performance, market share or competitive performance relating to products and services; any statements regarding anticipated operational and financial results; any statements of expectation or belief; and any statements of assumptions underlying any of the foregoing. Risks, uncertainties and assumptions include the need to address the many challenges facing HP’s businesses; the competitive pressures faced by HP’s businesses; risks associated with executing HP’s strategy and plans for future operations; the impact of macroeconomic and geopolitical trends and events; the need to manage third-party suppliers and the distribution of HP’s products and services effectively; the protection of HP’s intellectual property assets, including intellectual property licensed from third parties; risks associated with HP’s international operations; the development and transition of new products and services and the enhancement of existing products and services to meet customer needs and respond to emerging technological trends; the execution and performance of contracts by HP and its suppliers, customers, clients and partners; the hiring and retention of key employees; integration and other risks associated with business combination and investment transactions; the execution, timing and results of restructuring plans, including estimates and assumptions related to the cost and the anticipated benefits of implementing those plans; the resolution of pending investigations, claims and disputes; and other risks that are described in HP’s Annual Report on Form 10-K for the fiscal year ended October 31, 2013, and that are otherwise described or updated from time to time in HP’s Securities and Exchange Commission reports. HP assumes no obligation and does not intend to update these forward-looking statements.

© 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.