July 29, 2002—Internet attacks grew at an annualized rate of 64% in the period January-June 2002, according to the July 2002 edition of the Riptech Internet Security Threat Report. Successful Internet attacks numbered more than 180,000 during the period, and many organizations were attacked more than once.
Derived from a sample set of more than 400 companies in over 30 countries throughout the world, the report is based on the world’s largest repository of cyber-attack data. It also introduces several new areas of investigation, including the cyber-terrorist threat, attack aggression, and the effect of security monitoring on the nature of attack activity. Overall, the report indicates that Internet attacks remain “intense, pervasive, and potentially severe.” The average number of Internet attacks per company per week was 28% higher during this six-month period as compared to the prior six-month period.
However, at least some companies are achieving success in defending their networks, as the percentage of companies that suffered severe attacks declined measurably.
According to the report, 99.9% of attack scans are focused on only 20 services, including financial services, technology, and power companies. Seventy percent of power and energy companies were attacked at least once, up from 57% for the previous six-month period. Public companies were twice as likely to experience at least one severe attack and twice as likely to suffer a highly aggressive attack than private, nonprofit, and government entities combined.
80% of all attacks originated from only 10 countries, up from 70% during the prior six-month period: the United States, Germany, South Korea, China, France, Canada, Italy, Taiwan, Great Britain, and Japan. US-designated terrorist states with the most cyber-attack activity included: Iran, Pakistan, Egypt, Kuwait, and Indonesia. A small percent of systems launching Code Red attacks were UNIX systems, suggesting that some attackers are using Code Red to disguise their attacks.
