Advertisment

Serious web attack threats remain: Symantec

author-image
CIOL Bureau
Updated On
New Update

SEATTLE: The number of cyber attacks on corporate networks rose 20 percent in the second half of 2002, Web security provider Symantec Corp. said in a report, as the number of reported vulnerabilities nearly doubled from a year earlier.



The report came 10 days after the debilitating attack of the "SQL Slammer" worm that suddenly slowed Internet traffic worldwide, nearly shut down web access in South Korea and brought many U.S. automatic teller machines to a standstill.



Average attacks per company, according to research conducted by Symantec, rose 20 percent in the last six months of 2002 compared to the same period a year earlier, Symantec said.



Symantec also said that the number of vulnerabilities in networks and software jumped 81.5 percent in the second half of 2002 from the previous year.



The SQL Slammer exploited a previously known vulnerability in Microsoft Corp.'s SQL corporate database software to flood computers and networks with copies of itself.



Symantec said that the rise in reported vulnerabilities was most likely due to more responsible disclosure by software makers and more sophisticated attacks.



"It could be that more vendors are reporting vulnerabilities as they are patched," Symantec's Chief Technology Officer Robert Clyde said.



The SQL Slammer was a worm and was the worst new widespread security attack in the 18 months since the Code Red worm hit corporate networks in 2001, experts said.



Symantec also noted several unique patterns of activity in the report. Contrary to the popular image of cyber attackers working late at night and at odd hours to unleash malicious code, Symantec found that attack volume tracked the work day and work week, with lower activity detected on Saturdays and Sundays.



Peak activity was usually detected between the overlapping working day between Europe and North America, the report said.



© Reuters

tech-news