BBC NEWS Americas Africa Europe Middle East South Asia Asia Pacific
BBCi NEWS   SPORT   WEATHER   WORLD SERVICE   A-Z INDEX     

BBC News World Edition
 You are in: Technology  
News Front Page
Africa
Americas
Asia-Pacific
Europe
Middle East
South Asia
UK
Business
Entertainment
Science/Nature
Technology
Health
-------------
Talking Point
-------------
Country Profiles
In Depth
-------------
Programmes
-------------
BBC Sport
BBC Weather
SERVICES
-------------
EDITIONS
Tuesday, 4 February, 2003, 08:40 GMT
Net firms face constant attack
Power station control panel, PA
Power firms are the top targets for web vandals
Tuesday and Friday are the most popular days for releasing viruses and launching attacks against net using companies.

The preference of net vandals is revealed in a report by Symantec on the state of net security.

It reveals the sustained assault every company connected to the web constantly undergoes.

It also shows that most attacks are being made with just a few pernicious programs.

Crack attack

The report shows that, on average, every net-connected company is being attacked 30 times per week.

Power and energy companies are the favourite targets, with financial service firms coming second.

It is so volatile that we do not know what is going to hit us next week

Richard Archdeacon, Symantec
The number of attacks has stayed constant for the last 12 months, but the numbers of ways that companies can be attacked are growing rapidly.

During 2002, Symantec documented 2,524 new vulnerabilities over the past year, an 81.5% increase over 2001.

Worryingly, the time between a vulnerability's discovery and its exploitation by vandals and crackers is shrinking.

Richard Archdeacon, director of technical services at Symantec, said the time between discovery and exploit was now down to weeks. This meant that companies had to move to fast to patch programs and ensure they were well defended.

"There are a lot more windows and doors open that could be used," he said.

However, he said, that the sheer weight of discovered vulnerabilities was proving a headache for companies because it is hard to know which to address first.

"There are no rules," he said, "it is so volatile that we do not know what is going to hit us next week."

Blended threats

Mr Archdeacon said companies were realising that simply installing anti-virus software and firewalls was not enough.

Top 10 attackers
US - 35.4%
South Korea - 12.8%
China - 6.9%
Germany - 6.7%
France - 4%
Taiwan - 3.9%
Canada - 3.2%
Italy - 3%
UK - 2.2%
Japan - 1.8%
Instead, he said, organisations needed to have a deep understanding of their networks, the software they are running in all parts of it so they know how vulnerable they are at all times.

"Companies have the technology," he said, "but no process or people to understand that or carry out the actions required."

One of the big trends revealed is the emergence of more so-called "blended threats" that merge scanning software with more malicious elements that carry out attacks.

The report, culled from the networks, firewalls and security software of Symantec customers, also showed that Tuesdays and Fridays during office hours are popular days for attacks to start.

Mr Archdeacon said Friday was possibly popular because many corporate network operators make changes to networks at the end of the week. Any hidden malicious programs could well strike as changes are made.

See also:

23 Aug 02 | Technology
03 Feb 03 | Technology
02 Aug 01 | Science/Nature
08 Aug 02 | Technology
27 Jan 03 | Technology
Internet links:


The BBC is not responsible for the content of external internet sites

Links to more Technology stories are at the foot of the page.


 E-mail this story to a friend

Links to more Technology stories

© BBC ^^ Back to top

News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East |
South Asia | UK | Business | Entertainment | Science/Nature |
Technology | Health | Talking Point | Country Profiles | In Depth |
Programmes