E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by Bennett Gold LLP, Chartered Accountants

Effective December 31, 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering articles from the period 1999 to 2012.


Source: Security Wire Digest

Posted on January 31, 2002

      The Internet is a rough neighborhood -- and it's getting rougher, according to a report released last week by Riptech.

      Analysts of the Alexandria, Va.-based MSSP plowed through 5.5 billion logs from firewalls and IDSes and verified 128,678 external attacks on over 300 client organizations.

      "Previous studies relied on unreliable self-reported surveys or comparisons of organizations with different setups," says Tim Belcher, Riptech's CTO and primary author of the report. "We want to present empirical data, not speculation. The industry has too few facts and too many opinions."

      The organizations included private companies (72 percent), public companies (17 percent), non-profit organizations (7 percent) and government agencies (4 percent) in 25 countries. Collectively, they represent a million Internet-connected hosts. The period of study -- the last half of 2001 -- was dominated by the Nimda and Code Red worms, which caused 63 percent of all attacks.

      Eliminating those two attacks produces suggestive statistical nuggets, including:
-- Average attacks per company increased by 79 percent.
-- Forty-three percent of companies had at least one potentially crippling attack.
-- Thirty-nine percent of attacks were deliberately targeted at specific companies or systems.
-- Public companies experienced double the number of attacks of private companies and non-profit organizations.

      The most-targeted industries were high tech (961 attacks), financial services (895), power and energy (725), and media/entertainment (706).

      Power and energy companies endured the highest percentage of severe attacks: 13 percent.

      Other highlights:
-- Organizations with fewer than 500 employees suffered fewer attacks.
-- Six of the top 10 types of attacks were specific to Microsoft Windows.
-- Attack intensity rose steeply following the Sept. 11 terrorist attacks.

      Riptech identified the United States as the biggest source of attacks (30 percent), followed by South Korea (9 percent) and China (8 percent). But when basing the results on number of attacks per Internet user, Israel was the largest source (26 percent).

      Critics question the report's assessment of other studies; the size of the group surveyed; the definition of attack intent and intensity; and other issues. Future versions of the report may include companies that are sources of attacks, as well as OSes being targeted.

      Lessons for CIOs are easy to discern:
-- External attacks via the Internet are real and growing threats.
-- Organizations are facing more -- and more severe -- attacks, depending on size, prominence, industry and public/private status.
-- Windows systems are significant targets.
-- Patches should be applied and all recommendations to secure your site followed.

      The most telling point: These organizations have already engaged third-party experts to fortify their defenses, and they're still getting hit.

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold Chartered Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.