Internet Risk Impact Summary Report for Q3 2003.

Internet Security Systems, Inc. has released its Internet Risk Impact Summary Report (IRIS) for the third quarter of 2003, which reveals a 15 percent increase in the number of security incidents over the second quarter of 2003. The increase in security incidents, which represent confirmed attacks or events that present unusual risk, was accompanied by a nine percent rise in overall security events, defined as anomalous or suspicious network behaviour. The ISS X-Force security intelligence team attributes the swell in security incidents to fast-moving attacks that quickly targeted vulnerabilities disclosed in the quarter. In the past reporting period, the X-Force documented 725 new vulnerabilities, a decrease of two over the previous quarter, and 823 new viruses and worms, an increase of 26 percent over second quarter.

The complete Q3 2003 IRIS Report is available for free download on Internet Security Systems' Web site at https://gtoc.iss.net/

Highlights and IRIS Report Findings:

* Security Incidents: Serious vulnerabilities in the Microsoft operating system were exploited by the MS Blast and Nachi/Welchia worms, causing disruption for many organizations. These exploits appeared rapidly after vulnerability disclosure and successfully compromised many un-patched systems.

* Attack Trends: Attack techniques were more varied and aggressive this quarter, and attempted to exploit a variety of old and new vulnerabilities using diverse attack vectors.

* Vulnerabilities: ISS added 725 new vulnerabilities to the X-Force database, a decrease of two compared with the second quarter of 2003. Of those vulnerabilities, 218 were classified as high risk, 369 were medium risk and 138 were low risk. High risk security issues are those that allow immediate remote or local access, or immediate execution of code or commands with unauthorized privileges.

* Worms and Hybrid Threats: The number of threats again outpaced vulnerabilities, 823 to 725 in the third quarter. Part of a continuing security trend, exploit development from the hacking underground is catching up with security research. This trend was observed when two days after Cisco announced an operating system vulnerability, exploit code was released, leaving virtually no time for patching. Enterprises also remain at risk for 'zero-day' attacks, or attacks against software vulnerabilities not yet known by software vendors.

* AlertCon Risk Levels: The X-Force Daily AlertCon is a measure of current and forecasted Internet threats available on the ISS Web site at www.iss.net. During the third quarter of 2003, ISS observed 37 days at AlertCon 1 (denoting regular vigilance), 44 days at AlertCon 2 (increased vigilance) and 11 days at AlertCon 3, indicating that specific vulnerabilities were the target of Internet attacks and recommending immediate defensive action.

www.iss.net/uk