- What does Cisco have against Quebec?
- Attrition.org nails another nitwit
- Diary of a deliberately spammed housewife
- Seven cloud-computing security risks
- 20 great Windows open source projects
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
The number of computer security incidents and attacks detected at businesses worldwide soared by 84% between the fourth quarter of 2002 and the first quarter of this year, fueled in part by a surge in the number of mass-mailing worms, according to a report due out Monday from Internet Security Systems.
"What we're seeing out there is a lot more folks being extremely active and a lot more malicious behavior," said Pete Allor, manager of ISS's X-Force Threat Analysis Services division, which compiled the report. "We've also seen a corresponding high degree of Web site defacements."
The large increase in worms and other security-related incidents point to a challenging year ahead for IT security staff, the organization said in a statement. The tally includes relatively minor activities, such as scanning corporate networks for vulnerabilities, and more serious events such as the Slammer worm, which emerged in January and according to some experts was the fastest spreading worm yet.
The number of worms and hybrid threats between Jan. 1 and March 31 totaled 752, compared with 101 in the fourth quarter of 2002, the report found. X-Force also noted an increase in the number of "zero day" attacks, in which hackers attack a software vulnerability that is not yet known about by vendors.
Faced with such an abundance of activity, businesses can help themselves by focusing on the security threats that pose the most risk to them, Allor said.
"When you have almost 300 issues a month coming out, the important part is, how do you focus on the ones that are significant to you?" he said.
The severity ratings assigned by IT vendors are only one factor to consider when determining how to respond to a threat. Businesses should also look at where the affected system resides in the network, what level of risk they are prepared to tolerate for that system, and how well the system is protected by firewalls and other technologies, he said.
The report tracked 20 industry sectors over the quarter. Retail businesses were attacked the most, accounting for 35% of attacks; financial services accounted for 11.5%, healthcare and manufacturing 9% each, and federal and local government 1%, the report found.
The frequency of attacks on an industry may reflect several factors, including the proportion of IT dollars spent by that industry on security and how successful hackers have been in the past at targeting a particular sector.
Rss FeedRss Feed
Dear Nurse: Putting aside your rudeness I will agree: The Museum of the American Cocktail is, as far...- Mark Gibbs
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Comment