The number of security incidents skyrocketed in the first quarter of this year, and security analysts say it’s directly tied to the jump in the number of new worms and hybrid threats.
Internet Security Systems Inc. (ISS), an Atlanta-based security firm, reports a 36.6 percent increase in the amount of security incidents and confirmed attacks in the first quarter of 2003 compared to the fourth quarter of last year. The increase in security incidents was coupled with a ‘tremendous jump’ in overall security events — adding up to 10 times the number of events in the previous quarter.
The spike in security events, typically in the form of automatic probing and scanning for vulnerabilities, is directly linked to a dramatic increase in the number of new worms and hybrid threats tracked in the first quarter, according to ISS analysts. There were a reported 752 new worms and hybrid threats, compared to 101 in the fourth quarter of 2002.
”The large increase in mass mailing, highly persistent worms and security events indicates that this year will be challenging for security officers and administrators around the world,” says Chris Rouland, director of ISS’s security research and knowledge services organization. ”Hackers, criminals and hactivists continue to disrupt services, commit online theft and cause outages across the Internet by exploiting unprotected computers…”
Rouland says ISS analysts expect a steady amount of malicious activity on the Internet throughout 2003.
The ISS report also shows that the retail industry was the most attacked vertical market, accounting for 35 percent of the attacks. Financial services accounted for 11.5 percent; healthcare drew 9 percent, and federal and local government was in the lowest category with 1 percent.
The report also notes that Friday was the hottest day of the week in terms of security incidents. The last day of the work week showed the highest rate of security events throughout the quarter, registering an average of 2,301,777.