Cyber Attacks Decline; Vulnerabilities Surge
The number of cyber attacks declined in the second half of 2002, but software vulnerabilities continued to skyrocket, says report.The number of attacks on Internet-connected machines decreased over the past six months while the number of software vulnerabilities continued to skyrocket, according to a new report. In the last half of 2002, the number of attacks per week at a given company fell by 6 percent to 30, compared to the previous six months. Also, fewer companies experienced at least one severe event. The report indicates that 21 percent of companies had such an event, less than half the number that reported a severe attack during the same period in 2001. And, less than two percent of all incidents were found to be aggressive attacks. That is, concentrated attacks on a particular target. In fact, fully 85 percent of all of the attack activity the respondents reported was classified as simple pre-attack reconnaissance.
"It appears that attacker aggression declined during the past six months. This observation, coupled with observations by Symantec analysts, supports the conventional wisdom that most attackers search for a few vulnerabilities to exploit and will abandon their efforts if these vulnerabilities are unavailable," the report concludes.