Return-Path: <sentto-279987-2844-1002729547-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Wed, 10 Oct 2001 09:03:07 -0700 (PDT) Received: (qmail 17043 invoked by uid 510); 10 Oct 2001 16:01:53 -0000 Received: from n33.groups.yahoo.com (216.115.96.83) by 204.181.12.215 with SMTP; 10 Oct 2001 16:01:53 -0000 X-eGroups-Return: sentto-279987-2844-1002729547-fc=all.net@returns.onelist.com Received: from [10.1.1.224] by n33.groups.yahoo.com with NNFMP; 10 Oct 2001 16:02:00 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_4_1); 10 Oct 2001 15:59:07 -0000 Received: (qmail 5109 invoked from network); 10 Oct 2001 15:59:07 -0000 Received: from unknown (10.1.10.27) by 10.1.1.224 with QMQP; 10 Oct 2001 15:59:07 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta2 with SMTP; 10 Oct 2001 16:01:59 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id JAA04722 for iwar@onelist.com; Wed, 10 Oct 2001 09:01:59 -0700 Message-Id: <200110101601.JAA04722@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 10 Oct 2001 09:01:58 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Survey:.Web.attacks.doubled.in.last.year] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Survey: Web attacks doubled in last year By Sam Costello, InfoWorld, 10/10/2001 http://www.infoworld.com/articles/hn/xml/01/10/09/011009hnsurvey.xml ATTACKS ON WEB servers doubled in 2001 compared to 2000, and nearly 90 percent of companies surveyed have been infected with worms or viruses, despite having anti-virus software installed, according to the Information Security Industry Survey, performed annually by Information Security magazine. Information Security magazine, which is owned by security firm TruSecure, conducted the survey from late July to early August and received responses from 2,545 information security workers. Nearly 50 percent of the companies surveyed experienced attacks against their Web servers from external sources in 2001, up from 24 percent in 2000, the study found. Nearly 90 percent were hit with worms, viruses, or Trojan horses, almost 40 percent suffered denial of service attacks, and a third faced buffer overflow attacks, the survey found. Security threats from those inside the company were more varied and frequent, but somewhat less serious, the study found. Seventy-eight percent of respondents said that company employees had installed or used unauthorized software and 60 percent used company computers for unauthorized or illegal purposes. Fewer than 60 percent of companies reported internal hacking incidents, while 58 percent cited abuse of access controls, 22 percent said employees had engaged in electronic theft, sabotage, or leaks, and 9 percent said computers were used for fraud. All numbers were down compared to 2000. Malicious code, privacy, and confidentiality issues and protection against exploits (automated attack tools and methods of attack security vulnerabilities) topped the list of issues of concern for 2001-2002, respondents said. Despite these concerns, and the findings that internal threats are more common than external, the top security projects slated for 2001-2002 involve strengthening the network perimeter to prevent external attacks, ensuring the security and availability of Web sites, and adding security for messaging and remote workers, the study found. Those projects may not be easily attained, however, as survey respondents reported a number of obstacles to providing better security. Chief among those obstacles are budgetary concerns. Fifty-four percent of those surveyed expect their security budgets to increase in 2001-2002, the same percentage that felt that way in 2000-2001. Twenty-nine percent, however, said that their budgets for 2001 have been frozen due to the economy. Other barriers to good security include a lack of employee or end-user training, a lack of support from management, and the inability to find competent computer security staff, the study found. Sam Costello is a Boston-based correspondent for the IDG News Service, an InfoWorld affiliate. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Pinpoint the right security solution for your company- Learn how to add 128- bit encryption and to authenticate your web site with VeriSign's FREE guide! http://us.click.yahoo.com/yQix2C/33_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:54 PST