Online attacks on Germany unprecedented

news release

news release & faq

London, UK - 14th May 2002, 1500 GMT – Internet sites associated with Germany (.de and .com) as well as other German speaking countries such as Austria (.at) and Switzerland (.ch) are suffering a dramatic increase in online attacks in May. A total of 556 .de sites were defaced in 2001 but the figure for 2002 is already much higher at 995, with 263 of these taking place so far in May, according to the mi2g Intelligence Unit.

Sites defaced include hotels, retail businesses, universities and Internet Service Providers.

The majority of the attacks are due to a single hacker group that became active on 23rd March 2002. Since then, it has been responsible for 64% (484/752) of .de defacements, 72% (108/150) of .at defacements and 54% (85/158) of .ch defacements, with the rest being carried out by various smaller groups and individuals.

Of the German systems defaced in 2002, 75% are running on Linux. These Linux based sites deploy open source third party portal and forum applications. The hacker group responsible for the recent attacks on German websites is exclusively targeting Linux based sites, exploiting some of the known open source application vulnerabilities.

“So far, the security balance appeared to be tilting against proprietary applications but the recent wave of German attacks has shown that vulnerabilities within open source applications can be just as easily exploited,” said DK Matai, Chairman and CEO, mi2g. “There is no substitute for configuration management, which includes downloading the latest patches in a world of 24/7 connectivity.”

According to the mi2g Intelligence Unit, the updated figure of .com defacements worldwide in 2001 was 9,022, while in 2002 the number so far is 3,559. The overall figure for web site defacements in 2001 was 31,291 while in 2002 the number so far is 12,116.

An interesting feature of the recent attacks on the .de domain is that some waves have been associated with single IP addresses, indicating that some of the targeted groups of sites have been running on the same machine. Growth in the deployment of virtual hosting systems, where a single machine hosts many websites, is fast becoming a substantial source of digital risk.

Notes to Editors

About mi2g:

mi2g Digital Solutions Engineering pays particular regard to security. mi2g advises on the management of eRisk and incorporates Bespoke Security Architecture in its SMART sourcing solutions.

mi2g builds highly secure intranets and extranets, digital communities and data warehouses that are specifically constructed for data mining, customer relationship management and enhancing the network effect. For further information – www.mi2g.com

What is Bespoke Security Architecture?

Bespoke Security Architecture brings together firewall layers, intrusion detection and other defensive structures, as well as automated intelligence techniques with legal, human resource and company policies.

What is Digital Risk Management?

Digital Risk Management deals with a variety of issues associated with implementing digital solutions and integrating Service Level Management. It includes selecting the optimum technology set, managing external partners and alliances, linking payments to targets, defining rigorous quality control procedures, managing the growth in online traffic post launch, achieving the expected return on investment, and bringing about the changes in the corporate culture required for successful eBusiness.

What is the Contingency Capability Radar?

The Contingency Capability Radar is an ISO 17799 based platform, containing tools and templates to assess and visualise risk exposure of an entire global enterprise.

What is SMART-Sourcing?

mi2g SMART-Sourcing is the careful selection of cost effective and trustworthy suppliers from around the world for building and maintaining highly secure digital platforms on a 24 by 7 basis.

First contact for additional information - Intelligence Unit, mi2g

Telephone: +44 (0) 20 7924 3010 - Facsimile: +44 (0) 20 7924 3310 - eMail: Intelligence Unit

Related Articles

Renowned worldwide for the ATCA Briefings. Subscribe now.
Home - Profile - Values - People - Careers - Partners - Contact Us
D2 Banking - Bespoke Security Architecture - Digital Risk Management - Tools

Intelligence Briefings - Brochures - Case Studies -
SIPS Methodology FAQ (pdf)
Keynote Speeches - Articles - News Feeds - Glossary (pdf)
Terms and Conditions - Privacy Policy