The huge increase is because companies recognize that their Web sites provide a gateway for thieves to steal data, experts say. "We're seeing a huge change in the numbers, not because these things weren't happening, but because people weren't aware that attackers could walk right through their front doors and steal information," says Erik Caso, VP of business development at NT Objectives Inc., an application security and software company.
Companies have invested heavily in firewalls, intrusion-detection systems, and other technologies to protect their networks, but they've largely ignored the fact that public Web sites provide enough information to allow criminals to get at sensitive data. By simply manipulating URLs or cookies, hackers can gain entry to proprietary information without setting off any alarms. "Instead of trying to get past the firewall," Caso says, "they just sail through it by browsing the Web site."