Computer Crime Research Center

September 2002 Breaks All Records for Digital Attacks

September 2002 has seen 9,011 overt digital attacks so far, shattering all previous monthly records. The record was previously held by August 2002 (5,830) and by July 2002 (4,094) before that. Monthly records have now been broken for three consecutive months. September's record this year stands in sharp contrast to September 2001, when 9/11 precipitated a dramatic plunge in the number of overt digital attacks to just 816 from 2,820 in August and 3,499 in July 2001 according to the mi2g SIPS database.

There has been rising antagonism across the digital world against the US in response to its policy on Iraq and support for Israel. US Government online computers belonging to the House of Representatives, Department of Agriculture, Department of Education, National Park Service, Goddard & Marshall Space Flight Centers, State Library and US Geological Survey were attacked in September. All of the online victims were running Microsoft Windows. The number of overt digital attacks against US Government targets more than doubled in September in comparison to August.

The worldwide hacker groups responsible for anti-US, anti-Israel and anti-India digital attacks in September include S4t4n1c S0uls, USG, WFD, EgyptianHackers, Arab VieruZ, MHA, The Bugz and FBH.

US registered domains have been successfully attacked 4,157 times so far this month followed by Brazil (835), UK (376), Germany (356) and India (285). North America was subjected to more overt attacks so far in September than any other region (49%) whereas Europe was the victim of 23% of all attacks. In comparison, North America suffered 38% of all attacks in August while Europe was the victim of 39%.

Attacks on Microsoft Windows systems (5,854) in September 2002 have dwarfed attacks on all other operating systems combined including Linux (1,740), BSD (933) and Solaris (229). Increasing number of vulnerabilities are being found in generic operating systems, server software, applications and libraries deployed on mission critical systems. It is no longer possible to patch vulnerabilities, which are now being discovered in ever greater numbers, without suffering severe down times. The non-stop configuration management demanded by vendors has become damaging in terms of business interruption and co-ordination.

"Applying patches was traditionally relegated to the weekend when reboots could take place but it has now become a 24/7 configuration management issue. If there were just a few large computers to patch that would be fine. When there are tens of thousands of machines across an organisation including servers and desktops it is difficult to manage reboot-patch-reboot regimes on a near daily basis. Invariably some mission critical machines don't get patched in time despite the best will to do so. Those are perfect doorways for hackers and they are being exploited ruthlessly," said DK Matai, Chairman and CEO of mi2g.

Editor's Notes:

There were a total of 1,093 overt digital attacks on 8th September alone, the second highest number on record, only marginally lower than the all-time-high one day figure for 18th August. The cumulative for the first nine months of 2002 as of 25th September is 40,116, a number significantly higher than the figure for the whole of 2001. A conservative projection for overt digital attacks across the globe for 2002 would be over 55,000. Total figures are 31,322 for 2001; 7,821 for 2000; 4,197 for 1999 and 269 for 1998.


Home | What's New | Articles | Links
Library | Staff | Contact Us

Copyright Computer Crime Research Center 2001, 2002 All Rights Reserved.
Contact the CCRC Office at 380-612-735-907

Rambler's Top100 Rambler's Top100