Feeds

Hacking activity plummets

Official figures help dispel cyberterror fears

  • alert
  • submit to reddit

Security for virtualized datacentres

Security breaches and hacking attacks have diminished in numbers since the September 11 terrorist attacks, according to data from a US government monitoring agency.

Monthly reports by the Federal Computer Incident Response Center (FedCIRC), a central security coordination and analysis facility run by the US government, show just 15 incidents of intruder activity reported to it last month - less than a third of that recorded in December 2000.

This compares to a peak during 2001 of 297 incidents (which include root compromises of systems, Web face defacement attacks [presumably counting only high profile targets], probes and malicious code outbreaks) in May. In August there were 114 such incidents but this had dropped to 63 by September, which was especially surprising because of the anticipated upswing in hacking activity following the September 11 attacks.

As FedCIRC says, these statistics should be treated with caution and used only to get a general impression of the variety of intruder activity.

However security experts with Harris Corporation, which provides security software systems for both federal government and private sector customers, say hacking activity is the slowest they've seen in years.

Bill Wall, chief security engineer at Harris, said this lull was especially pronounced in December, a time when college students are on holiday and hacking activity picks up.

Among the reasons for the change are improved enterprise security practices and behaviour-based intrusion detection tools to block attacks, Wall believes. He said around three in four NT servers he comes across now are "hardened" against attack against less than 50 per cent a year ago. Harris believes this modest improvement might lead crackers into targeting computers of home users rather than businesses.

The introduction of laws that equate hacking with terrorism might also be having an effect, said Wall, who believes hacking activity will remain low unless something like the spate Chinese/US hacking attacks from early last year kicks off.

"You're not seeing that kind of cyberwar with Al-Queda," said Wall.

Records from the U.S. Space Command Computer Network Operations Center, which conducts computer network defence on behalf of the Defense Department, show an immediate lull in cracker activity following the World Trade Centre atrocity, though not for the rest of the year.

Major Barry Venable, a spokesman for the U.S. Space Command, which is responsible for three million computers spread over 10,000 networks, said that intrusion activity attempts actually decreased in the two to three weeks after September 11.

"We were watching networks very closely after September 11 because it was considered a ripe environment for people to be motivated towards hacking, however that didn't happen. I think hackers didn't want to be linked with terrorism," he told us.

U.S. Space Command data is only available up to October and that shows that attacks against Department of Defence systems, always a favourite target for crackers, have "continued unabated" throughout the year. Intrusion attempts against DoD systems totalled 40,000 for the first 10 months of 2001 against 26,000 for the whole of 2000 but the "primary reason" for this increase is improvements in detection technology, we were told. ®

Related stories

Taleban can't hack - UK govt
FBI condemns vigilante hacking
Hackers are terrorists, says UK law
Bush admin to make hacking a terrorist offence
MS makes its pitch on security, cyber terror to House
US Congress whips up 'cyber menace' again
Cyber Virus Mutant Terrorists get Hip to the Trip
Bill Clinton associates Love Bug with terrorism

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
Admins! Never mind POODLE, there're NEW OpenSSL bugs to splat
Four new patches for open-source crypto libraries
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.