[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Monday, 25 April, 2005, 09:58 GMT 10:58 UK
Web server attacks 'growing fast'
US soldier in Iraq, AP
The war in Iraq prompted many website attacks
More than 2,500 web servers every day are being hacked, reveals a report.

The survey by Zone-H revealed that web server attacks and website defacements grew by 36% during 2004 when almost 400,000 incidents were recorded.

The attacks include 49 separate sorties against US military servers and huge numbers of website defacements carried out during organised hacking sprees.

The research revealed that Christmas holidays are a very popular time for malicious hackers to attack sites.

Attack pattern

The figures were collated by Zone-H - a web-based organisation that uses a world-wide network of volunteers to spot and investigate web server attacks and site defacements.

Typically defacements involve making the public facing pages of a website display a message showing which malicious hacker or group is responsible.

Website defacements were the most popular form of attack and made up the majority of the 392,545 recorded incidents.

US school buses, Eyewire
Spikes in attacks are tied to the school calendar
"Defacement is just one option for an attacker," said Roberto Preatoni, Zone-H co-ordinator. "In most circumstances the techniques used by defacers are the same techniques used by serious criminals to cause more serious damage."

Attacks involve penetrating a site, sometimes for criminal ends, to get at the information it holds.

The report found that more than half of all attacks and defacements, 55%, succeeded by exploiting a known bug or vulnerability or an administration mistake.

Code to exploit these loopholes often appears soon after software makers publicly warn about their existence. However, many hacking groups exchange information about bugs in software long before they are publicly acknowledged.

Administration mistakes involve using easily guessable or crackable passwords. Many net server administrators forget or do not know about unused systems on a computer that can accidentally give attackers a way in.

The statistics also gather information about why hacking groups mount such attacks. Many simply do it for fun, others as a way to compete with other groups to set records for the most high-profile site attacked and a few do it to make a political point.

The figures show that the many incidents occur on the anniversaries of the start of the most recent war in Iraq when both pro-Muslim and pro-American groups defaced sites.

The survey also found that the long holidays around Christmas provoke a spike in attacks and incidents. The frequency of attacks also dips around the time that schools re-open suggesting that many teenagers are behind the defacements.

In the three years since Zone-H was set up the organisation has logged details of almost one million attacks.

The survey was produced to coincide with the start of the Infosecurity Europe show which takes place at Olympia in London from 26-28 April 2005.




SEE ALSO:
Ex-hacker warns on computer security
08 Apr 05 |  Click Online
Training a new breed of hacker
08 Apr 05 |  Click Online
Hi-tech crime costs UK plc 2.4bn
05 Apr 05 |  Business
Web shops face tighter security
18 Apr 05 |  Technology
Warning over fake Windows update
08 Apr 05 |  Technology


RELATED INTERNET LINKS:
The BBC is not responsible for the content of external internet sites


PRODUCTS AND SERVICES

News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia
UK | Business | Entertainment | Science/Nature | Technology | Health
Have Your Say | In Pictures | Week at a Glance | Country Profiles | In Depth | Programmes
Americas Africa Europe Middle East South Asia Asia Pacific