The study conducted by Trusted Strategies for Phoenix Technologies claimed 84 percent of the 
attacks it researched "could have been prevented if the identity of the computers connecting were checked in addition to user IDs and passwords."
In the analysis of Department of Justice prosecutions between March 1999 and February 2006, the study detailed some key findings in these cases. On a case-by-case basis, average damages came to over $3 million, with the worst attacks causing as much as $10 million in damages.
When attackers could pilfer valid usernames and passwords for a network, they were able to inflict the most financial loss and damages. Those cases showed losses of more than $1.5 million per occurrence.
The big damages came when attackers struck through machines authorized to perform particular tasks, and an elevated user or administrator account could be used from those machines. Study Claims Many Network Attacks Preventable
From around the Web
- Windows Vista Service Pack 2 Latest Release Schedule
- Vista SP2: What is inside?
- NetWitness releases free version of security software
- Three Reasons Why Users Won’t Buy Into Security
- Automated security testing & its limitations
- Google Wants to Preinstall Chrome Browser on PCs
- Mozilla warns of Firefox China add on
- Firefox No Longer an Automatic Defense Against Browser Drive Bys
- Google patches Chrome file stealing bug
- Apple plays catch up, adds anti fraud safeguard to Safari
- Researchers find vulnerability in Windows Vista
- How to Use Network Behavior Analysis Tools
- The insider security threat in IT and financial services
- Windows 7 security: An overall improvement?
- Windows 7 UAC could be less of a nag