Feeds

Hacking activity plummets

Official figures help dispel cyberterror fears

  • alert
  • submit to reddit

Protecting against web application threats using SSL

Security breaches and hacking attacks have diminished in numbers since the September 11 terrorist attacks, according to data from a US government monitoring agency.

Monthly reports by the Federal Computer Incident Response Center (FedCIRC), a central security coordination and analysis facility run by the US government, show just 15 incidents of intruder activity reported to it last month - less than a third of that recorded in December 2000.

This compares to a peak during 2001 of 297 incidents (which include root compromises of systems, Web face defacement attacks [presumably counting only high profile targets], probes and malicious code outbreaks) in May. In August there were 114 such incidents but this had dropped to 63 by September, which was especially surprising because of the anticipated upswing in hacking activity following the September 11 attacks.

As FedCIRC says, these statistics should be treated with caution and used only to get a general impression of the variety of intruder activity.

However security experts with Harris Corporation, which provides security software systems for both federal government and private sector customers, say hacking activity is the slowest they've seen in years.

Bill Wall, chief security engineer at Harris, said this lull was especially pronounced in December, a time when college students are on holiday and hacking activity picks up.

Among the reasons for the change are improved enterprise security practices and behaviour-based intrusion detection tools to block attacks, Wall believes. He said around three in four NT servers he comes across now are "hardened" against attack against less than 50 per cent a year ago. Harris believes this modest improvement might lead crackers into targeting computers of home users rather than businesses.

The introduction of laws that equate hacking with terrorism might also be having an effect, said Wall, who believes hacking activity will remain low unless something like the spate Chinese/US hacking attacks from early last year kicks off.

"You're not seeing that kind of cyberwar with Al-Queda," said Wall.

Records from the U.S. Space Command Computer Network Operations Center, which conducts computer network defence on behalf of the Defense Department, show an immediate lull in cracker activity following the World Trade Centre atrocity, though not for the rest of the year.

Major Barry Venable, a spokesman for the U.S. Space Command, which is responsible for three million computers spread over 10,000 networks, said that intrusion activity attempts actually decreased in the two to three weeks after September 11.

"We were watching networks very closely after September 11 because it was considered a ripe environment for people to be motivated towards hacking, however that didn't happen. I think hackers didn't want to be linked with terrorism," he told us.

U.S. Space Command data is only available up to October and that shows that attacks against Department of Defence systems, always a favourite target for crackers, have "continued unabated" throughout the year. Intrusion attempts against DoD systems totalled 40,000 for the first 10 months of 2001 against 26,000 for the whole of 2000 but the "primary reason" for this increase is improvements in detection technology, we were told. ®

Related stories

Taleban can't hack - UK govt
FBI condemns vigilante hacking
Hackers are terrorists, says UK law
Bush admin to make hacking a terrorist offence
MS makes its pitch on security, cyber terror to House
US Congress whips up 'cyber menace' again
Cyber Virus Mutant Terrorists get Hip to the Trip
Bill Clinton associates Love Bug with terrorism

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.