INTERNET SECURITY: Digital attacks on Open Source soar
Monitoring reveals a significant rise in the number of attacks on Linux based open source third party web applications, according to the latest figures compiled by the Intelligence Unit at mi2g.
The first six months of 2002 have seen 7,630 overt digital attacks on Linux systems, already significantly higher than the total of 5,736 for the
whole of 2001. On the other hand, overt attacks on Microsoft Windows/IIS
based online systems taking place in the first half of 2002 have fallen by 20% to 9,404 from the 11,828 attacks that occurred in the first half
of 2001. [Source: mi2g SIPS database]
The Linux systems attacked deploy open source third party applications, certain versions of which contain well-known vulnerabilities, which are
not being patched fast enough and continue to be exploited by hackers to gain control of the systems hosting the insecure application.
"The key issue in protecting critical infrastructure is tight
configuration management which demands a 24/7 monitoring of vulnerability announcements and associated exploits. A quick response in addressing all weaknesses as soon as they are known has now become
critical," explains DK Matai, mi2g's Chairman and CEO.
The total number of overt digital attacks taking place in the first six months of 2002 rose by 27 percent to 20,371 from 16,007 in 2001.
Slump in attacks on Government online systems
Only 54 US government online systems were successfully attacked in the first half of this year compared to the 204 overt attacks that took
place in the first half of 2001. A total of 38 UK government online systems were overtly attacked in the first six months of 2001, rising to
45 by the end of the year, yet the number for the first half of 2002 is only 12.
The US Cyber Security Enhancement Act (CSEA)
As fears deepen over the threats posed by asymmetric warfare, terrorism and the phenomenon of politically motivated hacking, government bodies and agencies are becoming more security conscious, as evidenced by sharp falls in the number of online government systems succumbing to overt
digital attack.
Another factor is the increasing reluctance of hackers to become involved in attacks on US government sites after the amendment of the Cyber Security Enhancement Act (CSEA) in the US in February 2002
following increasing concern over the vulnerability of the world's IT systems to terrorist attack. The CSEA gives a life imprisonment sentence to those who put lives at risk by electronic means and affords the US Sentencing Commission
greater powers in deciding penalties for hacking offences.
Delicious
Digg
Reddit
Magnoliacom
Newsvine
Furl
Google
Yahoo
Technorati
Comments
Post new comment