Feeds

Hacking activity plummets

Official figures help dispel cyberterror fears

  • alert
  • submit to reddit

Top three mobile application threats

Security breaches and hacking attacks have diminished in numbers since the September 11 terrorist attacks, according to data from a US government monitoring agency.

Monthly reports by the Federal Computer Incident Response Center (FedCIRC), a central security coordination and analysis facility run by the US government, show just 15 incidents of intruder activity reported to it last month - less than a third of that recorded in December 2000.

This compares to a peak during 2001 of 297 incidents (which include root compromises of systems, Web face defacement attacks [presumably counting only high profile targets], probes and malicious code outbreaks) in May. In August there were 114 such incidents but this had dropped to 63 by September, which was especially surprising because of the anticipated upswing in hacking activity following the September 11 attacks.

As FedCIRC says, these statistics should be treated with caution and used only to get a general impression of the variety of intruder activity.

However security experts with Harris Corporation, which provides security software systems for both federal government and private sector customers, say hacking activity is the slowest they've seen in years.

Bill Wall, chief security engineer at Harris, said this lull was especially pronounced in December, a time when college students are on holiday and hacking activity picks up.

Among the reasons for the change are improved enterprise security practices and behaviour-based intrusion detection tools to block attacks, Wall believes. He said around three in four NT servers he comes across now are "hardened" against attack against less than 50 per cent a year ago. Harris believes this modest improvement might lead crackers into targeting computers of home users rather than businesses.

The introduction of laws that equate hacking with terrorism might also be having an effect, said Wall, who believes hacking activity will remain low unless something like the spate Chinese/US hacking attacks from early last year kicks off.

"You're not seeing that kind of cyberwar with Al-Queda," said Wall.

Records from the U.S. Space Command Computer Network Operations Center, which conducts computer network defence on behalf of the Defense Department, show an immediate lull in cracker activity following the World Trade Centre atrocity, though not for the rest of the year.

Major Barry Venable, a spokesman for the U.S. Space Command, which is responsible for three million computers spread over 10,000 networks, said that intrusion activity attempts actually decreased in the two to three weeks after September 11.

"We were watching networks very closely after September 11 because it was considered a ripe environment for people to be motivated towards hacking, however that didn't happen. I think hackers didn't want to be linked with terrorism," he told us.

U.S. Space Command data is only available up to October and that shows that attacks against Department of Defence systems, always a favourite target for crackers, have "continued unabated" throughout the year. Intrusion attempts against DoD systems totalled 40,000 for the first 10 months of 2001 against 26,000 for the whole of 2000 but the "primary reason" for this increase is improvements in detection technology, we were told. ®

Related stories

Taleban can't hack - UK govt
FBI condemns vigilante hacking
Hackers are terrorists, says UK law
Bush admin to make hacking a terrorist offence
MS makes its pitch on security, cyber terror to House
US Congress whips up 'cyber menace' again
Cyber Virus Mutant Terrorists get Hip to the Trip
Bill Clinton associates Love Bug with terrorism

Combat fraud and increase customer satisfaction

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
German space centre endures cyber attack
Chinese code retrieved but NSA hack not ruled out
Burnt out on patches this month? Oracle's got 104 MORE fixes for you
Mass patch for issues across its software catalog
Reddit users discover iOS malware threat
'Unflod Baby Panda' looks to snatch Apple IDs
Oracle working on at least 13 Heartbleed fixes
Big Red's cloud is safe and Oracle Linux 6 has been patched, but Java has some issues
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.