Net firms face constant attack

Power firms are the top targets for web vandals

Tuesday and Friday are the most popular days for releasing viruses and launching attacks against net using companies.

The preference of net vandals is revealed in a report by Symantec on the state of net security.

It reveals the sustained assault every company connected to the web constantly undergoes.

It also shows that most attacks are being made with just a few pernicious programs.

Crack attack

The report shows that, on average, every net-connected company is being attacked 30 times per week.

Power and energy companies are the favourite targets, with financial service firms coming second.

It is so volatile that we do not know what is going to hit us next week

Richard Archdeacon, Symantec

The number of attacks has stayed constant for the last 12 months, but the numbers of ways that companies can be attacked are growing rapidly.

During 2002, Symantec documented 2,524 new vulnerabilities over the past year, an 81.5% increase over 2001.

Worryingly, the time between a vulnerability's discovery and its exploitation by vandals and crackers is shrinking.

Richard Archdeacon, director of technical services at Symantec, said the time between discovery and exploit was now down to weeks. This meant that companies had to move to fast to patch programs and ensure they were well defended.

"There are a lot more windows and doors open that could be used," he said.

However, he said, that the sheer weight of discovered vulnerabilities was proving a headache for companies because it is hard to know which to address first.

"There are no rules," he said, "it is so volatile that we do not know what is going to hit us next week."

Blended threats

Mr Archdeacon said companies were realising that simply installing anti-virus software and firewalls was not enough.

Top 10 attackers

US - 35.4%

South Korea - 12.8%

China - 6.9%

Germany - 6.7%

France - 4%

Taiwan - 3.9%

Canada - 3.2%

Italy - 3%

UK - 2.2%

Japan - 1.8%

Instead, he said, organisations needed to have a deep understanding of their networks, the software they are running in all parts of it so they know how vulnerable they are at all times.

"Companies have the technology," he said, "but no process or people to understand that or carry out the actions required."

One of the big trends revealed is the emergence of more so-called "blended threats" that merge scanning software with more malicious elements that carry out attacks.

The report, culled from the networks, firewalls and security software of Symantec customers, also showed that Tuesdays and Fridays during office hours are popular days for attacks to start.

Mr Archdeacon said Friday was possibly popular because many corporate network operators make changes to networks at the end of the week. Any hidden malicious programs could well strike as changes are made.