[ISN] Hackers' paradise

From: InfoSec News (isnat_private)
Date: Tue Jul 09 2002 - 05:06:36 PDT

  • Next message: InfoSec News: "[ISN] Hacker to Apple: Watch those downloads"

    Elinor Mills Abreu 
    San Francisco - Which part of the world has the dubious distinction of
    being the most active hotbed of computer hacking?
    Among the most highly wired economies, more cyber attacks originate
    from Israel and Hong Kong on a per-internet-user basis than anywhere
    else, while Kuwait and Iran top the list of the category of countries
    with fewer Internet users, according to a study released on Monday.
    Overall, the United States generates by far the most cyber attacks,
    followed by Germany, South Korea, China and France, according to a
    report from Riptech Inc, a managed security service provider based in
    Alexandria, Virginia.
    The most likely corporate targets were power and energy companies, the
    study said. Political analysts have expressed concern hackers target
    such companies to try to maximise the impact of any attack.
    The Riptech study was based on a miniscule sample compared to the
    number of companies connected to the internet, but because it was
    based on computer logs of attacks, which are not widely tracked or
    aggregated, it provides useful insight into global trends, industry
    analysts said.
    Riptech declined to speculate on why some countries were more active
    as the launchpads of computer attacks.
    "We try not to speculate as to motive," said Elad Yoran, co-founder
    and executive vice president of Riptech. "We want to keep the report
    as objective as possible."
    But he said, "it's interesting that countries that are less
    well-developed attack at a 50-percent higher rate on a per-person
    Cyber attacks, which include everything from the spread of viruses to
    hacks used to cripple websites, were 28 percent higher in the first
    half of the year than attacks recorded during the second half of last
    year, a projected annual growth rate of 64 percent, the study found.
    Companies, on average, suffered 32 attacks per week, up from 25
    attacks per week during the second half of last year. Most attacks
    happened on Wednesdays and Thursdays, the study said, without offering
    an explanation as to why.
    The report was based on data collected from computer logs at about 400
    Riptech customers spread across more than 30 countries. Riptech
    monitors customer logs and traces attacks back to their purported
    Determining where attacks come from is complicated, said Tim Belcher,
    chief technology officer at Riptech. While most attacks can be traced
    back to what is believed to be the source country, it is possible for
    malicious hackers to hide their exact location.
    Still, 93 percent of the attackers monitored in the study were only
    active on one day, leading the company to believe they were launching
    attacks directly rather than going through another "zombie" system to
    hide their tracks, Belcher said.
    Forty percent of the attacks in the first half of this year appeared
    to have come from the United States, followed by 7.6 percent from
    Germany, 7.4 percent from South Korea and 6.9 percent from China.
    Although the United States is the source of most of the attacks, it
    also has the largest economy and a large share of internet users. To
    get a more fair representation, the study also looked at attacks based
    on population of internet users in each country, Belcher said.
    Of countries with more than 1 million internet users, Israel had about
    33 attacks per 10,000 users, followed by Hong Kong with 22 attacks per
    10,000 users.
    Of countries with fewer than 1 million internet users but more than
    100,000, Kuwait had 50 attacks per 10,000 users, followed by Iran with
    30 attacks per 10,000 users.
    Attacks down in the US
    A second survey, also released on Monday, showed reports of cyber
    attacks may be waning in the United States.
    Of the nearly 3,500 US companies and security professionals polled for
    the InformationWeek magazine survey, 44 percent said they experienced
    a virus, worm or Trojan horse attack, in which malicious software
    masquerades as a legitimate program, down from 70 percent a year ago.
    Reports of denial of service attacks, another common attack method
    that is the internet equivalent to getting a busy signal from too many
    phone calls, were also down slightly, the survey found.
    "Although three in five firms report a security breach or espionage in
    the last year, the frequency of security incidents in the United
    States - regardless of type - is down in 2002," the InformationWeek
    survey said.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Jul 09 2002 - 08:09:32 PDT