[iwar] [fc:Computer.Attacks.On.Companies.Up.Sharply]

From: Fred Cohen (fc@all.net)
Date: 2002-01-29 07:27:09


Return-Path: <sentto-279987-4399-1012317975-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Tue, 29 Jan 2002 07:29:09 -0800 (PST)
Received: (qmail 2895 invoked by uid 510); 29 Jan 2002 15:26:02 -0000
Received: from n7.groups.yahoo.com (216.115.96.57) by all.net with SMTP; 29 Jan 2002 15:26:02 -0000
X-eGroups-Return: sentto-279987-4399-1012317975-fc=all.net@returns.groups.yahoo.com
Received: from [216.115.97.190] by n7.groups.yahoo.com with NNFMP; 29 Jan 2002 15:26:15 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-8_0_1_3); 29 Jan 2002 15:26:14 -0000
Received: (qmail 27366 invoked from network); 29 Jan 2002 15:26:09 -0000
Received: from unknown (216.115.97.167) by m4.grp.snv.yahoo.com with QMQP; 29 Jan 2002 15:26:09 -0000
Received: from unknown (HELO red.all.net) (12.232.72.98) by mta1.grp.snv.yahoo.com with SMTP; 29 Jan 2002 15:26:09 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g0TFR9C21379 for iwar@onelist.com; Tue, 29 Jan 2002 07:27:09 -0800
Message-Id: <200201291527.g0TFR9C21379@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Tue, 29 Jan 2002 07:27:09 -0800 (PST)
Subject: [iwar] [fc:Computer.Attacks.On.Companies.Up.Sharply]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Computer Attacks On Companies Up Sharply

By Renae Merle, Washington Post, 1/28/02
<a href="http://www.newsbytes.com/news/02/173978.html">http://www.newsbytes.com/news/02/173978.html>

Cyber attacks are becoming more common and targeted, according to study
to be released today, and security experts warned that the trend is only
going to increase.

Tracking the security breaches of more than 300 clients across the
world, Internet security firm Riptech said it verified at least 128,678
cyber attacks from July to December 2001. While few of the attacks
detected posed a "severe threat," the Alexandria, Va. company said it
was surprised by the volume.

"This report should clearly illustrate that the Internet security threat
is real, pervasive, and perhaps more severe than previously
anticipated," the report said.

There were 52,658 security breaches and attacks last year, up 50 percent
from the previous year, according to the CERT Coordination Center, a
government-funded computer emergency-response team at Carnegie Mellon
University. The center also got reports of 2,437 computer
vulnerabilities, more than double the figures from the previous year.

The Riptech study did not include "worm" attacks. Computer worms are
reproducing programs that run independently and travel across network
connections. The main difference between viruses and worms is the method
in which they reproduce and spread. Including worms in the count
increased the number of attacks by 63 percent.

Securing the country's Internet infrastructure has received fresh
attention since the Sept. 11 terrorist attacks. In October, President
Bush named Richard Clark to the new position of Special Advisor to the
President for Cyberspace Security. And cyber security is expected to be
included in efforts coordinated by the Office of Homeland Security,
which was established after the attacks.

Computer systems are increasingly vulnerable to cyber attacks, in part
because companies are not implementing security measures already
available, according to a recent report by the Computer Science and
Telecommunications Board, part of the U.S.-based National Research
Council.

Riptech's findings largely amplify industry concerns. About 41 percent
of companies experienced attacks that were critical, and needed to be
addressed to avoid compromising its computer system. About 12.7 percent
encountered at least one "emergency" in which the company had to
"initiate some form of recovery procedure," the report said.

"The community of hackers is getting bigger and the tools used to launch
the attacks are easier to find and easier to use," said Tim Belcher,
Riptech's chief technology officer.

Internet security consultant John Thomas, who independently reviewed the
report before its release, said: "This bolsters a suspicion that a lot
of us have had that the threat is much greater" than previously known.

Most analysts assume attacks on a company's Internet site are
opportunistic and the attacker is broadly searching for any vulnerable
system, Riptech said. But the report found that 39 percent of attacks
targeted a specific system or company. If the company had more than
1,000 employees, the rate of targeted attacks rose to 42 percent.

"I would have assumed, that maybe 80 [percent] or 90 percent are not
targeted," Belcher said. "If the victim is identified in advance the
attacks are more complex. That's not good."

A small number of countries were the source of the vast majority of
attacks; 30 percent came from within the United States, the report said.
In terms of the number of attacks launched per Internet user, Israel was
the largest source of activity during the six months studied.

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Tiny Wireless Camera under $80!
Order Now! FREE VCR Commander!
Click Here - Only 1 Day Left!
http://us.click.yahoo.com/nuyOHD/7.PDAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:03 PST