[iwar] Internet Security Threat Report Jan-Jun02, RipTech

From: televr (yangyun@metacrawler.com)
Date: 2002-07-09 04:28:15


Return-Path: <sentto-279987-4959-1026214097-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Tue, 09 Jul 2002 04:30:08 -0700 (PDT)
Received: (qmail 9509 invoked by uid 510); 9 Jul 2002 11:27:48 -0000
Received: from n24.grp.scd.yahoo.com (66.218.66.80) by all.net with SMTP; 9 Jul 2002 11:27:48 -0000
X-eGroups-Return: sentto-279987-4959-1026214097-fc=all.net@returns.groups.yahoo.com
Received: from [66.218.67.200] by n24.grp.scd.yahoo.com with NNFMP; 09 Jul 2002 11:28:17 -0000
X-Sender: yangyun@metacrawler.com
X-Apparently-To: iwar@yahoogroups.com
Received: (EGP: mail-8_0_7_4); 9 Jul 2002 11:28:17 -0000
Received: (qmail 98929 invoked from network); 9 Jul 2002 11:28:16 -0000
Received: from unknown (66.218.66.216) by m8.grp.scd.yahoo.com with QMQP; 9 Jul 2002 11:28:16 -0000
Received: from unknown (HELO n20.grp.scd.yahoo.com) (66.218.66.76) by mta1.grp.scd.yahoo.com with SMTP; 9 Jul 2002 11:28:16 -0000
Received: from [66.218.67.182] by n20.grp.scd.yahoo.com with NNFMP; 09 Jul 2002 11:28:16 -0000
To: iwar@yahoogroups.com
Message-ID: <agehcf+l2cv@eGroups.com>
User-Agent: eGroups-EW/0.82
X-Mailer: Yahoo Groups Message Poster
From: "televr" <yangyun@metacrawler.com>
X-Originating-IP: 24.157.159.30
X-Yahoo-Profile: televr
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Tue, 09 Jul 2002 11:28:15 -0000
Subject: [iwar] Internet Security Threat Report Jan-Jun02, RipTech
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, hits=3.7 required=5.0 tests=RISK_FREE,FREE_MONEY,LINES_OF_YELLING version=2.20
X-Spam-Level: ***

RIPTECH INTERNET SECURITY THREAT REPORT VOLUME II QUANTIFIES RISE IN
INTERNET ATTACKS; DELIVERS INSIGHTS INTO TERRORIST-STATE CYBER THREATS

Report Reveals Elite Hacker Profile, Warns of "Smoke Screen" Code Red
Attacks

Alexandria, Virginia, July 8, 2002 - Riptech, Inc., the premier
provider of scalable, real-time managed security services, today
released volume II of its Internet Security Threat Report, showing
that Internet attacks grew at an annualized rate of 64 percent in the
period, January-June 2002. The expanded scope of the Report provides
the first insight into U.S. designated terrorist states' cyber-attack
volume and patterns. Riptech notes that attacks originating from these
geographies exhibit different scan patterns than those from other
nations. This is a critical tool for detecting cyber-terrorist
activities and Riptech continues to monitor any deviations in attack
patterns from these regions.
The Internet Security Threat Report cuts through the massive volume of
low-impact malicious activities to reveal a highly focused, small
demographic of elite hackers. Comprising less than one percent of all
cyber assailants, these dangerous predators' behaviors are marked by a
high number of attack signatures, extended attack duration, and their
focus on a small number of select targets.

Providing a new twist on the known Code Red worm, the Report points to
new evidence of smoke screen attacks. It notes a small percent of Code
Red attacks originated from UNIX systems, which is technically
impossible. This finding raises concern about known attack complacency
and the potential vulnerability posed by emerging smoke screen attack
strategies.

Derived from a sample set of more than 400 companies in over 30
countries throughout the world, the Riptech Internet Security Threat
Report is based on the world's largest repository of cyber-attack
data. Based on the empirical analysis of actual cyber attacks detected
against a global sample of security devices, the Report provides the
most detailed analysis of attack trends that affect the entire
Internet, specific industries, and individual corporations. It
quantifies the intensity, severity, and geographic sources of cyber
attacks. Following up on the first Internet Security Threat Report
that Riptech released in January 2002, this volume II Report focuses
on Internet attack activity in the period from January-June 2002. Key
metrics from the Report, include:

    * Internet attacks have increased at a 64 percent annualized rate
in the six-month period ¢ U.S. designated terrorist states with the
most cyber-attack activity included: Iran, Pakistan, Egypt, Kuwait,
and Indonesia
    * Highly aggressive attacks were 26 times more likely to result in
a severe attack than moderately aggressive attacks
    * A small percent of systems launching Code Red attacks were UNIX
systems, suggesting that some attackers are using Code Red to disguise
their attacks
    * 70 percent of power and energy companies suffered a severe
attack; as opposed to 57 percent in the prior six-month period
    * Public companies were twice as likely to experience at least one
severe attack and twice as likely to suffer a highly aggressive attack
than private, nonprofit, and government entities combined
    * 80 percent of all attacks originated from only 10 countries, up
from 70 percent during the prior six-month period - United States,
Germany, South Korea, China, France, Canada, Italy, Taiwan, Great
Britain, and Japan
    * 99.9 percent of attack scans are focused on only 20 services,
suggesting that the vast majority of attacker reconnaissance is
focused on a relatively few amount of entry points

"A critical global infrastructure, the Internet is crucial to U.S. and
international commerce," said Amit Yoran, president and CEO of
Riptech. "Volume II of the Internet Security Threat Report represents
the most detailed analysis of cyber security trend activity ever
performed and released to the public. This unique perspective is only
made possible by our monitoring technology and managed security
services. The Report underscores Riptech's commitment to provide our
customers with the industry's most proactive security protection."
Prior to the development of Riptech's Internet Security Threat Report,
other attempts to summarize network attack trends have relied on
survey data and conjecture. The accuracy of these other reports is
limited by inconsistent attack detection capabilities and the inherent
problems of self-reporting security data. The Internet Security Threat
Report is based on precise data mining and expert analysis of more
than 11 billion firewall logs and intrusion detection systems (IDS)
alerts discreet data points. From these data points, Riptech isolated
more than one million possible attacks and more than 180,000 confirmed
attacks, which were analyzed for this Report.

Trends presented in this Report are made possible by Riptech's
security monitoring service. Riptech provides management, monitoring,
analysis, and response against suspicious activities detected across
firewalls, VPNs, and IDS. By correlating and analyzing vast amounts of
security data through its proprietary Caltarian technology platform,
Riptech's Security Operations Center (SOC) analysts quickly identify
and defend organizations against potential intrusions or other
malicious activity.
Volume II of the Internet Security Threat Report is available on
Riptech's Web site at www.riptech.com.

About Riptech
Riptech, Inc., the premier provider of scalable, real-time managed
security services, protects clients through advanced outsourced
security monitoring and professional services. Riptech's unique
Caltarian technology platform provides real-time information
protection through around-the-clock monitoring, analysis, and
response. The Caltarian technology is capable of processing large
volumes of network security data to separate security threats from
false positives in real-time, with carrier-class scalability.
Additionally, Riptech's Security Professional Services group provides
security policy development, assessment and auditing, penetration
testing, incident forensics, and response. Riptech security
specialists have secured hundreds of organizations, including Fortune
500 companies and federal agencies. Based on its analysis of attacks
against a customer base of more than 400 companies in over 30
countries, Riptech regularly publishes the Internet Security Threat
Report, which can be found at www.riptech.com. Founded in 1998 by
Department of Defense security professionals and market experts,
Riptech delivers its service globally and is headquartered in
Alexandria, Virginia with offices in major metropolitan areas.

Request a Copy of the Internet Security Threat Report

Marketing Contact:
Krystal Johnson
Riptech, Inc.
(703) 373-5215
kjohnson@riptech.com



------------------------ Yahoo! Groups Sponsor ---------------------~-->
Free $5 Love Reading
Risk Free!
http://us.click.yahoo.com/TPvn8A/PfREAA/Ey.GAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2002-10-01 06:44:31 PDT