Despite the significant impact, there is no clear framework for adult webmasters to figure their liability should such an attack occur on their sites. In fact, many don't have plans for addressing their cyber risks.
The rate of incidents, or specifically targeted attacks on computer systems has risen steadily. And the Internet Security Alliance has been keeping track of the steadily growing numbers.
In 1988, six such attacks were reported. By 1998, they numbered 3,000. 2002 saw more than 110,000 cyber attacks.
These numbers are alarming, but vastly underreported. "People don't like reporting that they're vulnerable," said Larry Clinton, president of the Internet Security Alliance.
Most viruses reported in the mainstream are isolated incidents. Most were benign exercises in "hacktivism" such as defacing the Republican National Committee's web page or a rival's network.
"Now they are different, the majority being done for money," Clinton adds. "Some recent attacks are worrisome such as a recent attack that disabled nine out of 11 root servers."
"The attackers are no longer high school kids, they are organized criminals or worse. Nation states or terrorists or other seriously bad people who are doing this for a tremendous range of reasons."
Although the number of attacks approaches larger proportions, the number of attacks being reported has significantly dropped since "the mode purpose of the attack has changed dramatically," Clinton said. "The insidious stuff is designer malware. It's designed specifically to enter and sit there dormant. It may access your personal finances or corporate intellectual property or the operating system for the company — without your knowledge."
In order to get a better defense against such attacks, The American National Standards Institute (ANSI) and the Internet Security Alliance (ISA) will publish "The Financial Impact of Cyber Risk: 50 Questions Every CFO Should Ask" which will be released on Monday.
More information, including the financial impact study, can be obtained from the Internet Security Alliance and the American National Standards Alliance.
