Arecently issued report has confirmed what most IT managers probably already know: it’s a dangerous world out there network-wise, and it’s not going to get any better.
According to the Internet Security Threat Report, by anti-virus vendor Symantec Corp., although the volume of cyber-attacks dropped
slightly — by six per cent — over the prior six-month period, the discovery rate for new IT product vulnerabilities jumped to 2,524, slightly more than 80 per cent over the same period.
Michael Murphy, Symantec’s general manager for Canada, attributes the rise in the number of reported vulnerabilities to the general increase in the number of vendors and researchers looking for them. But reporting on code vulnerabilities means more opportunities for those vulnerabilities to be exploited, he notes.
“”The exploit code for about 60 per cent of those vulnerabilities is available at about the same time the vulnerabilities are disclosed, so that 60 per cent is pretty much the low-hanging fruit of attack traffic,”” he says. “”I would expect going forward that number would continue to grow.””
Murphy cautions that the six per cent decline in cyber attack volume should be taken with a grain of salt. The figure excludes blended threats, or attacks spread through the use of multiple techniques, such as Code Red and the Nimda worm, both of which wreaked havoc worldwide.
Attacks on government up
“”Despite the decline, attacks on the energy and power and financial services sectors were up significantly, and the damage to financial services companies almost doubled from the previous year,”” says Murphy.
Attacks on the not-for-profit sector, which includes government organizations, were also up considerably. According to the report, that number increased by 43 per cent.
Although most Canadian government organizations have beefed up their IT security systems to deal with the threat of cyber terrorism, not a single case was reported during the past six months. In fact, attacks from countries listed on the Cyber Terrorist Watch List accounted for less than one per cent of attacks.
Does that mean cyber terrorism is more of a bogeyman than a real threat? Not necessarily, says Murphy.
“”I just think the true terrorists as defined by the media today are not using the Internet as a medium of exploitation right now,”” he says. “”That doesn’t mean they can’t or won’t, or that they don’t have the technology or the wherewithal. But if you look at the schedule of countries on the terrorist watchlist, less than one per cent of source IPs (used to launch attacks) came from those countries. That’s not surprising, given that most terrorist attacks don’t originate from the source countries. They come from terrorists who happen to be in other countries. In their countries, they have little infrastructure to support that type of attack.””
The good news is that more than 99 per cent of all events detected by Symantec were classified as
