RipTech released Volume II of its Internet Security Threat Report, which shows that Internet attacks grew at an annualized rate of 64 percent during the period between January 2002 and June 2002. The report is based on data mining and analysis of more than 11 billion firewall logs and intrusion detection systems (IDS) alerts from more than 400 companies in over 30 countries around the world. The company isolated more than one million possible attacks and more than 180,000 confirmed attacks, which were analyzed to create the report.
Highlights from the report show that 80 percent of all attacks originate from 10 countries, including the United States, Germany, South Korea, China, France, Canada, Italy, Taiwan, Great Britain, and Japan. Designated "terrorist states" with the most cyber-attack activity include Iran, Pakistan, Egypt, Kuwait, and Indonesia.
The report shows that 70 percent of power and energy companies suffered severe attacks. Public companies were twice as likely to suffer attacks than were nonprofit and government entities combined. Highly aggressive attacks were 26 times more likely to be successful than were moderately aggressive attacks, and 99.9 percent of all attacks focused on only 20 services. In addition, the report reveals that some attacks that appear to be the Code Red worm had originated from UNIX systems. Since Code Red isn't designed to run on UNIX platforms, RipTech thinks this indicates that attackers are using the Code Red worm to help disguise their attacks.
Amit Yoran, president and CEO of Riptech, said that, "Volume II of the Internet Security Threat Report represents the most detailed analysis of cyber security trend activity ever performed and released to the public." Copies of the report are available by request at the RipTech Web site.