Group: Attacks Spike in September -- Redmondmag.com

Group: Attacks Spike in September

By Scott Bekker
10/01/2002

An independent security vendor based in London, mi2g, says September was the third consecutive record-setting month for what it calls "overt digital attacks."

By the numbers: mi2g logged 9,011 attacks in September, compared with 5,830 in August and 4,904 in July. Coinciding with the September spike is an explosion in attacks on Windows-based systems -- the 5,854 attacks on Windows systems alone surpasses the previous record for attacks on all operating systems in one month.

D.K. Matai, chairman and CEO of mi2g, takes the news as evidence that the traditional relegation of patching to the weekend when reboots could be tolerated is becoming a major liability. "When there are tens of thousands of machines across an organization including servers and desktops it is difficult to manage reboot-patch-reboot regimes on a near daily basis," Matai said in a statement. "Invariably some mission critical machines don't get patched in time despite the best will to do so. Those are perfect doorways for hackers and they are being exploited ruthlessly."

A PDF chart on the mi2g Web site graphing attack volumes from 1999 to 2002 shows an enormous spike in the second half of 2002. Mi2g offers what it calls a conservative projection that by the end of 2002 digital attacks will have numbered 55,000. That compares with 31,322 in 2001, 7,821 in 2000, 4,197 in 1999 and 269 in 1998. The chart is available here:
http://mi2g.com/cgi/mi2g/press/images/Digital_Attacks_Sep25_2002.pdf.

Part of the reason for the spike in Windows system attacks is an increase in politically motivated hacking of U.S. government targets, which run the Microsoft operating system, according to mi2g. The number of attacks against U.S. government systems doubled between August and September, the group says. The mi2g attribute much of this activity to groups with anti-United States, anti-Israel and anti-India views.

The security organization defines overt digital attacks as incidents when a hacker group has gained unauthorized access to an online system and has modified publicly visible components while executing data attacks or command and control attacks. The statistics do not include attacks that only the attacker and victim are aware of, let alone attacks the victim organization is unaware of.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.
Fallout from Microsoft's 'Midnight Blizzard' Saga Hits Feds

When the Russian attack group Midnight Blizzard successfully breached Microsoft corporate e-mail accounts late last year, it apparently managed to steal U.S. government agency e-mails, too.
PowerShell Script Used in Phishing Attack May Be AI-Generated

A PowerShell script being used in a novel malware campaign may have been created by AI, according to security researchers at Proofpoint.