Welcome Guest. | Log In| Register | Membership Benefits
  • Email this page E-mail this page
  • |  Print Print this page
  • |   Bookmark and Share
  • icon

While Cyber Attacks Are Down, New Threats Emerge


Symantec study says companies were attacked an average of 30 times a week in last six months of 2002.

By George V. Hulme
InformationWeek
February 3, 2003 12:00 AM

According to Symantec Corp.'s Internet Security Threat Report, not including viruses and worm-like malware, cyberattacks were down 6% for the second half of 2002. But finance companies and utilities continue to get the most pounding from attackers.

More Software Insights

White Papers

Webcasts

Reports

Videos


Startup Mulesource offers an open-source ESB for SOA architectures Coyne talks about the struggle in the software industry to regain its innovative edge, and the need for trust between IT and end users. Eric Rubin, CEO of Dreamfactory, talks about the company's Business Essentials, a suite of software services, including project management and business intelligence, that runs on the Salesforce.com AppExchange platform.
Startup Mulesource offers an open-source ESB for SOA architectures
According to the report, issued Monday, companies were attacked an average of 30 times per week between June and December of last year; compared with 32 times per week in the first six months of the year. The vast majority of these attacks, 85%, was actually scans searching for potential vulnerabilities; the remaining 15% constituted attempted or successful attacks.

The most startling trend from the report was the number of new software vulnerabilities discovered-nearly 50 a week, an 81.5% jump over such discovered software vulnerabilities 2001. According to Symantec, the rise was driven almost exclusively by vulnerabilities the security firm considers severe.

The Slammer worm that struck on Jan. 25 attacked against one such severe software vulnerability. And according to a new study (available at http://www.caida.org/analysis/security/sapphire/) by the Cooperative Association for Internet Data Analysis, the Slammer, or Sapphire worm as it's also called, was the fastest- spreading worm in Internet history. It infected 90% of vulnerable systems within 10 minutes of its arrival on the Internet and doubled the number of infected hosts every 8.5 seconds.

As Slammer began spreading throughout the Internet, it doubled in size every 8.5 seconds and infected more than 90% of vulnerable hosts within 10 minutes. While Slammer spread faster than Code Red, it infected 75,000 systems, compared with the nearly 360,000 systems Code Red infected on July 19, 2001, in about 14 hours. According to CAIDA, at the height of its strength, Code Red infected 2,000 new systems each minute.

Code Red managed to infect more systems than Slammer, experts say, because there were more vulnerable Microsoft Internet Information Services (which Code Red used a vulnerability to infect target systems) exposed to the Internet than vulnerable Microsoft SQL Server and MSDE 2000 systems for Slammer to infect.

Chief information security officers worry that worse attacks are coming. "This thing was only 376 bytes and look at what it did," says Lloyd Hession, chief information security officer with financial network provider Radianz. "Imagine if it had a destructive payload. It could have been a lot worse."



Subscribe to RSS


Advertisement

CAREER CENTER
Ready to take that job and shove it?



TechCareers

SEARCH
Function:

Keyword(s):

State:
SPONSOR
RECENT JOB POSTINGS
CAREER NEWS
10 Search Engines You Don't Know About
Go beyond Google and get vertical. These specialized search sites will help you find the business information you need -- fast.

Yahoo Profits Fall 23%, Cuts 1,000 Jobs
Ari Balogh was named to the post of chief technology officer as the companys for a "realignment" of employees.

More articles from our career center





Subscription Info
Apply for a free 52-week subscription to InformationWeek (a $199 value)

Last Name:

First Name:

Title:

Company Name:

City:

Business Address:

Zip:

State:

Email Address:

NOTE: Offer valid for U.S., U.S. possessions, & Canada only

            

Join economist Chris Cornell and 3 CIOs in an Exclusive Online Exchange for Senior IT Executives: Using IT to Drive Value in a Turbulent Economy. November 5th only.