http://www.news24.com/News24/Technology/Infotech/0,1113,2-13-45_1210963,00.html 09/07/2002 Elinor Mills Abreu San Francisco - Which part of the world has the dubious distinction of being the most active hotbed of computer hacking? Among the most highly wired economies, more cyber attacks originate from Israel and Hong Kong on a per-internet-user basis than anywhere else, while Kuwait and Iran top the list of the category of countries with fewer Internet users, according to a study released on Monday. Overall, the United States generates by far the most cyber attacks, followed by Germany, South Korea, China and France, according to a report from Riptech Inc, a managed security service provider based in Alexandria, Virginia. The most likely corporate targets were power and energy companies, the study said. Political analysts have expressed concern hackers target such companies to try to maximise the impact of any attack. The Riptech study was based on a miniscule sample compared to the number of companies connected to the internet, but because it was based on computer logs of attacks, which are not widely tracked or aggregated, it provides useful insight into global trends, industry analysts said. Riptech declined to speculate on why some countries were more active as the launchpads of computer attacks. "We try not to speculate as to motive," said Elad Yoran, co-founder and executive vice president of Riptech. "We want to keep the report as objective as possible." But he said, "it's interesting that countries that are less well-developed attack at a 50-percent higher rate on a per-person basis." Cyber attacks, which include everything from the spread of viruses to hacks used to cripple websites, were 28 percent higher in the first half of the year than attacks recorded during the second half of last year, a projected annual growth rate of 64 percent, the study found. Companies, on average, suffered 32 attacks per week, up from 25 attacks per week during the second half of last year. Most attacks happened on Wednesdays and Thursdays, the study said, without offering an explanation as to why. The report was based on data collected from computer logs at about 400 Riptech customers spread across more than 30 countries. Riptech monitors customer logs and traces attacks back to their purported source. Determining where attacks come from is complicated, said Tim Belcher, chief technology officer at Riptech. While most attacks can be traced back to what is believed to be the source country, it is possible for malicious hackers to hide their exact location. Still, 93 percent of the attackers monitored in the study were only active on one day, leading the company to believe they were launching attacks directly rather than going through another "zombie" system to hide their tracks, Belcher said. Forty percent of the attacks in the first half of this year appeared to have come from the United States, followed by 7.6 percent from Germany, 7.4 percent from South Korea and 6.9 percent from China. Although the United States is the source of most of the attacks, it also has the largest economy and a large share of internet users. To get a more fair representation, the study also looked at attacks based on population of internet users in each country, Belcher said. Of countries with more than 1 million internet users, Israel had about 33 attacks per 10,000 users, followed by Hong Kong with 22 attacks per 10,000 users. Of countries with fewer than 1 million internet users but more than 100,000, Kuwait had 50 attacks per 10,000 users, followed by Iran with 30 attacks per 10,000 users. Attacks down in the US A second survey, also released on Monday, showed reports of cyber attacks may be waning in the United States. Of the nearly 3,500 US companies and security professionals polled for the InformationWeek magazine survey, 44 percent said they experienced a virus, worm or Trojan horse attack, in which malicious software masquerades as a legitimate program, down from 70 percent a year ago. Reports of denial of service attacks, another common attack method that is the internet equivalent to getting a busy signal from too many phone calls, were also down slightly, the survey found. "Although three in five firms report a security breach or espionage in the last year, the frequency of security incidents in the United States - regardless of type - is down in 2002," the InformationWeek survey said. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Jul 09 2002 - 08:09:32 PDT