News

Group: Attacks Spike in September

An independent security vendor based in London, mi2g, says September was the third consecutive record-setting month for what it calls "overt digital attacks."

By the numbers: mi2g logged 9,011 attacks in September, compared with 5,830 in August and 4,904 in July. Coinciding with the September spike is an explosion in attacks on Windows-based systems -- the 5,854 attacks on Windows systems alone surpasses the previous record for attacks on all operating systems in one month.

D.K. Matai, chairman and CEO of mi2g, takes the news as evidence that the traditional relegation of patching to the weekend when reboots could be tolerated is becoming a major liability. "When there are tens of thousands of machines across an organization including servers and desktops it is difficult to manage reboot-patch-reboot regimes on a near daily basis," Matai said in a statement. "Invariably some mission critical machines don't get patched in time despite the best will to do so. Those are perfect doorways for hackers and they are being exploited ruthlessly."

A PDF chart on the mi2g Web site graphing attack volumes from 1999 to 2002 shows an enormous spike in the second half of 2002. Mi2g offers what it calls a conservative projection that by the end of 2002 digital attacks will have numbered 55,000. That compares with 31,322 in 2001, 7,821 in 2000, 4,197 in 1999 and 269 in 1998. The chart is available here:
http://mi2g.com/cgi/mi2g/press/images/Digital_Attacks_Sep25_2002.pdf.

Part of the reason for the spike in Windows system attacks is an increase in politically motivated hacking of U.S. government targets, which run the Microsoft operating system, according to mi2g. The number of attacks against U.S. government systems doubled between August and September, the group says. The mi2g attribute much of this activity to groups with anti-United States, anti-Israel and anti-India views.

The security organization defines overt digital attacks as incidents when a hacker group has gained unauthorized access to an online system and has modified publicly visible components while executing data attacks or command and control attacks. The statistics do not include attacks that only the attacker and victim are aware of, let alone attacks the victim organization is unaware of.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Microsoft Publishes Windows Deadlines on Upgrading to SHA-2

    Microsoft on Friday described its 2019 timeline for when it will start distrusting Shell Hashing Algorithm-1 (SHA-1) in supported Windows systems, as well as in the Windows Server Update Services 3.0 Service Pack 2 management product.

  • Performing a Storage Refresh on Windows Server 2016, Part 1

    To spruce up some aging lab hardware, Brien decided to make the jump to all-flash storage. Here's a walk-through of the first half of the process.

  • Datacenters Are Cooling Down as Buildouts Heat Up

    Tech giants Google, Apple and others are expanding their datacenter footprints at a rapid rate, and it's pushing the industry to find better ways to power all that infrastructure.

  • Vendors Issue Patches for Linux Container Runtime Flaw Enabling Host Attacks

    This week, the National Institute of Standards and Technology (NIST) described a high-risk security vulnerability (CVE-2019-5736) for organizations using containers that could lead to compromised host systems.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.