Security Threats—The Peaks and the Valleys

A new report finds that security threats concentrate themselves in certain industries and in certain countries.

New research released this week by Riptech Inc., a Virginia-based company that provides security services to companies and organizations, suggests that there are widely varying rates of cyber attacks across countries, industries, and types of organizations. The companys "Internet Security Threat Report," which tracked cyber-attack data from 300 companies in more than 25 countries between July and December of 2001, finds that cyber attacks are not only on the rise, but are highly concentrated in the United States, and highly concentrated in the high-tech industry. The findings come at a time when some experts are suggesting that hackers may be slowing their efforts.

Among the specific findings in Riptechs report are that the rate of attacks increased by 79 percent between July and December 2001, and a very small number of nations are the source of the vast majority of the attacks. Specifically, 30 percent of tracked attacks originated in the U.S., with South Korea next at 9 percent, followed by China at 8 percent. Adjusting for the number of Internet users in each country, the volume of attacks emanating from Israel is nearly double that from any other country. Riptechs research also revealed that some industries are targeted more frequently than others. Specifically, the high-tech, financial services, media, and energy sectors experience the most frequent attacks.

Although the report found widely varying numbers of attacks against small companies, Amit Yoran, president and CEO of Riptech, says that "information security has emerged as a strategic concern for all corporate decision makers." Riptechs numbers show that companies in its sample set with 500 or more employees suffered 50 percent more attacks than companies with fewer than 500 employees.

Its important to note that Riptechs research focused on the July-to-December period of last year. Some experts and data have suggested that the September 11 terrorist attacks and ensuing bills calling for stricter punishments for hackers have curbed security threats in recent months. For example, PC Magazine recently reported that in August, the Federal Computer Incident Response Center, which tracks attacks on the civilian agencies and departments of the federal government, reported 114 discrete attacks. In December, that number was down to 15.

In an e-mail interview with PC Magazine, Robert Lyttle, widely known as the pro-Napster hacker (who faces court restrictions on his use of the Web and now serves as CEO of security software firm Sub Seven Software), agreed that the government may be more vigilant, but disagreed with the notion that hackers may be slowing down their efforts.

"We could finally be seeing the government improve security," says Lyttle. "Maybe it really did take such a big tragedy as the World Trade Center attacks to make the public realize that things need to be more secure. But hackers will always be active. What should be in focus are these two factors: Either hackers are getting smarter to help keep stealth—going in and out of networks for what they need, and not being caught or recognized—or hackers are making a move into White Hat hacker status."

The Internet Security Threat Report from Riptech will be updated every six months on an ongoing basis.