Internet risk impact report Q2 2003.Internet Security ''This article or section is being rewritten at Internet security is the process of protecting data and privacy of devices connected to internet from information robbery, hacking, malware infection and unwanted software. Systems' Internet Risk Impact Summary Report (IRIS) for the second quarter of 2003, reveals that the number of serious security incidents increased by 13.7 percent from the first quarter. While low-level hacking See hack and hacker. activity decreased slightly, ISS ISS See Institutional Shareholder Services (ISS). X-Force researchers attribute the increase in confirmed security incidents to a larger number of threats that take advantage of known vulnerabilities A bug in software that has been identified. It typically refers to bugs that have been used for malicious purposes. For example, bugs in Web server, Web browser and e-mail client software are widely exploited by attackers. . Over the past two quarters, the gap between methods of attack, known as threats, and vulnerabilities in software and systems has narrowed. Hacking activity takes advantage of this narrowed gap, using older threats and techniques that are widely known by hackers, but not patched in by IT departments and thus still open to attack. Highlights and Report Findings: * Security Trends: The X-Force expects an increasing risk from attackers targeting emerging Internet communities, especially users that make use of broadband access See broadband and wireless broadband. from a home office, wireless technologies, and file sharing Copying files from one computer to another. See peer-to-peer network, file sharing protocol and file and printer sharing. and messaging applications. This increased risk is also a result of corporate laptops and workstations being used outside the organization on home-based broadband networks  This article or section needs copy editing for grammar, style, cohesion, tone and/or spelling.You can assist by [ editing it] now. . HTTP HTTP in full HyperText Transfer Protocol Standard application-level protocol used for exchanging files on the World Wide Web. HTTP runs on top of the TCP/IP protocol. , SNM SNM Society of Nuclear Medicine SNM Show No Mercy (gaming clan) SNM Special Nuclear Material SNM Somali National Movement SNM San Marcos (Guatemala, territorial division) SNM Service Member In, SMTP (Simple Mail Transfer Protocol) The standard e-mail protocol on the Internet and part of the TCP/IP protocol suite, as defined by IETF RFC 2821. SMTP defines the message format and the message transfer agent (MTA), which stores and forwards the mail. , and FTP FTP in full file transfer protocol Internet protocol that allows a computer to send files to or receive files from another computer. Like many Internet resources, FTP works by means of a client-server architecture; the user runs client software to connect to are ports targeted and used often by attackers. While FTP and HTTP are still among the top-ten attack destinations, attacks have decreased on these ports by an average of 46 percent and 96 percent over the last six quarters. This is likely due to patching of vulnerable code-bases and better protection of the FTP and HTTP ports in particular. * Security Events: 24.5 percent of security events occurred over weekends in the second quarter of 2003. Wednesday showed the highest rate of security events, registering an average of 1,809,222. After tracking 20 industry sectors targeted by attacks in the second quarter, the following major industries ranked in the order of most to least attacked. Services--24.23 percent; Financial & Insurance Services--19.43 percent; Retail--15.69 percent; Manufacturing--10.6 percent; Federal, State and Local Government--7.56 percent; Food & Drag--5,16 percent; Information Technology--4.26 percent; Healthcare--2.86 percent Vulnerabilities: ISS added 727 new vulnerabilities to the X-Force database, a 20 percent increase compared to QI 2003 when 606 new vulnerabilities were added. The vulnerabilities for Q2 2003 were classified into the following risk levels: 209 High, 377 Medium and 141 Low. High security issues are those that allow immediate remote or local access, or immediate execution of code or commands with unauthorized privileges. Worms and Hybrid Threats: The gap narrowed between vulnerabilities and threats for the second consecutive quarter: -654 threats were identified in Q2 2003 compared to 727 vulnerabilities in Q2 2003 -752 threats were identified in QI 2003 compared to 606 vulnerabilities in QI 2003 -Historically, from QI through Q4 2002: 494 threats compared to 2,374 vulnerabilities AlertCon Risk Levels: During the second quarter of 2003, ISS observed 83 days at AlertCon 1, 8 days at AlertCon 2, and 0 days at AlertCon 3 and 0 days at AlertCon 4, which is reserved for the most severe attacks. Investigation of an exploit for the Sendmail Email Processing Vulnerability resulted in four days at AlertCon 2. In addition, the acceleration of Bugbear. B worm's infection rate in the first 24 hours of propagation raised the threat to AlertCon 2 for four days. The X-Force Daily AlertCon, a measure of current and forecasted Internet threats, is available m the ISS Web site at www.iss.net.. Determined by the X-Force, the AlertCon level (1 -4) provides a real-time indication of the Interact threat environment. The daily AlertCon level helps customers quickly determine the prevailing Interact threat condition and review critical security details. The complete Q2 2003 Interact Risk Impact Summary Report is available for free download on Interact Security Systems' Web site at https://.iss.net/. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion