Feeds

Hacking activity plummets

Official figures help dispel cyberterror fears

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

Security breaches and hacking attacks have diminished in numbers since the September 11 terrorist attacks, according to data from a US government monitoring agency.

Monthly reports by the Federal Computer Incident Response Center (FedCIRC), a central security coordination and analysis facility run by the US government, show just 15 incidents of intruder activity reported to it last month - less than a third of that recorded in December 2000.

This compares to a peak during 2001 of 297 incidents (which include root compromises of systems, Web face defacement attacks [presumably counting only high profile targets], probes and malicious code outbreaks) in May. In August there were 114 such incidents but this had dropped to 63 by September, which was especially surprising because of the anticipated upswing in hacking activity following the September 11 attacks.

As FedCIRC says, these statistics should be treated with caution and used only to get a general impression of the variety of intruder activity.

However security experts with Harris Corporation, which provides security software systems for both federal government and private sector customers, say hacking activity is the slowest they've seen in years.

Bill Wall, chief security engineer at Harris, said this lull was especially pronounced in December, a time when college students are on holiday and hacking activity picks up.

Among the reasons for the change are improved enterprise security practices and behaviour-based intrusion detection tools to block attacks, Wall believes. He said around three in four NT servers he comes across now are "hardened" against attack against less than 50 per cent a year ago. Harris believes this modest improvement might lead crackers into targeting computers of home users rather than businesses.

The introduction of laws that equate hacking with terrorism might also be having an effect, said Wall, who believes hacking activity will remain low unless something like the spate Chinese/US hacking attacks from early last year kicks off.

"You're not seeing that kind of cyberwar with Al-Queda," said Wall.

Records from the U.S. Space Command Computer Network Operations Center, which conducts computer network defence on behalf of the Defense Department, show an immediate lull in cracker activity following the World Trade Centre atrocity, though not for the rest of the year.

Major Barry Venable, a spokesman for the U.S. Space Command, which is responsible for three million computers spread over 10,000 networks, said that intrusion activity attempts actually decreased in the two to three weeks after September 11.

"We were watching networks very closely after September 11 because it was considered a ripe environment for people to be motivated towards hacking, however that didn't happen. I think hackers didn't want to be linked with terrorism," he told us.

U.S. Space Command data is only available up to October and that shows that attacks against Department of Defence systems, always a favourite target for crackers, have "continued unabated" throughout the year. Intrusion attempts against DoD systems totalled 40,000 for the first 10 months of 2001 against 26,000 for the whole of 2000 but the "primary reason" for this increase is improvements in detection technology, we were told. ®

Related stories

Taleban can't hack - UK govt
FBI condemns vigilante hacking
Hackers are terrorists, says UK law
Bush admin to make hacking a terrorist offence
MS makes its pitch on security, cyber terror to House
US Congress whips up 'cyber menace' again
Cyber Virus Mutant Terrorists get Hip to the Trip
Bill Clinton associates Love Bug with terrorism

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.