Hack attacks on Linux sites rocket

by Pia Heikkila, © 2002 silicon.com All rights reserved.

Thursday, 18th July 2002 - And not just because there are more of them... Attacks on Linux-based websites have risen dramatically over the past year. A study by UK security consultancy mi2g found 7,630 attacks on Linux systems during the first half of 2002 in comparison to just 5,736 for the whole of 2001.

The report described the attacks as "overt hacking attacks", which include website defacements and bulletin board modifications. The study did not include any damage caused by worms, viruses or other malware.

The company claimed the reason for the sudden rise in the number of attacks is threefold. D K Matai, CEO of mi2g, said: "The number of machines running on Linux systems has increased a lot and so have the attacks. Secondly the open source software running on top of Linux OS is often vulnerable to attacks. And finally OS system admins have been slack to pay attention to vulnerabilities. They have failed to patch the systems."

The report also found that attacks on Microsoft's IIS server dropped by 20 per cent during the first half of 2002 to 9,404, from 11,828 during the same period last year.

Matai said: "Hackers always go for the low hanging fruit - if it is easier to hack into open source systems, they will do it. Those system admins running IIS are paying more attention to the vulnerabilities because of the mass publicity last year."

mi2g's Security Intelligence Products and Systems (SIPS) database has information on more than 6,000 hacker groups and maintains a record of more than 60,000 individual hacking events.

Richard Hollis, managing director of security consultancy Orthus, said the number of Linux hacking tools has risen sharply too.

He said: "The rise in attacks on Linux servers is only due in part to the rise in popularity of them. It's a chicken-or-the-egg type of statistic. I would sooner credit the increase to the growing number of Linux hacking tools available over the web. Everyday there is a new one available for virtually every flavor of Linux.

"The tools are becoming increasingly easier to use and the companies are experiencing the results of this fact."

Renowned worldwide for the ATCA Briefings. Subscribe now.
Home - Profile - Values - People - Careers - Partners - Contact Us
D2 Banking - Bespoke Security Architecture - Digital Risk Management - Tools

Intelligence Briefings - Brochures - Case Studies -
SIPS Methodology FAQ (pdf)
Keynote Speeches - Articles - News Feeds - Glossary (pdf)
Terms and Conditions - Privacy Policy