IBM Sees Surge in Network Attacks Directed toward 'Critical Infrastructure Providers'

IBM Security Intelligence Services Charts 55 Percent Increase in Network Attacks in August

Select a topic or year

ARMONK, N.Y. - 25 Oct 2004: Network attacks against critical infrastructure providers such as utilities, telecommunications companies and government agencies surged 55 percent from July to August, according to IBM's Global Security Intelligence Services. Since July, IBM has seen a 27 percent increase in overall network attacks against all monitored enterprises and businesses.

Businesses are increasingly dependent on information technology and the Internet to run their daily operations. With their network infrastructures increasingly under attack, IBM, through its Global Business Security Index, helps alert these businesses in advance to the onslaught of threats to help them proactively secure their networks.

The IBM Global Business Security Index -- created by IBM's global security experts -- is a monthly report that assesses, measures and analyzes global network security and business threats and attack trends. The Index is compiled by harnessing the historical and current data collected by IBM's 2700 information security professionals and half a million monitored devices to provide a picture of the IT and business threat landscape. IBM's IT security intelligence and business consulting experts analyze the vast amount of data collected by IBM network and system monitoring sensors. The experts then rate the potential severity of known IT threats, producing a unique snapshot of the current IT security landscape.

The report, which may be customized by industry, tracks real and potential IT threats to a business including:

IT network and infrastructure, including potential and real threats that could significantly damage a customer's business and reputation
Business continuity trends, statistics and recommendations for keeping employees, customers, suppliers and partners connected with critical business information during natural disasters, such as hurricanes, and widespread power failures
IBM confirmed 997 Internet attacks in September directed at networks that the company monitors, representing a 27 percent increase over confirmed Internet attacks in July and August. The most prevalent attacks came from several worms, such as Sasser and Korgo, seeking to exploit a vulnerability located within LSASS, a security component of the Microsoft Windows operating system.

Critical infrastructure providers experienced an increase in worm traffic -- as did most IT environments, according to IBM's analysis. The most apparent increases, however, were caused by attackers seeking vulnerabilities in Web server software (e.g., Microsoft IIS, Apache HTTP Server, and Netscape iPlanet). This type of reconnaissance activity typically precedes more complex, singularly directed attacks against systems that are found vulnerable.

"In the fight against IT security threats, timing is everything," said Stuart McIrvine, director of IBM's security strategy. "Knowing about new threats and vulnerabilities before they become attacks and proactively taking steps to prevent harm is now more critical than ever. These days, hackers are able to reverse engineer newly published security patches and deploy an attack on an unpatched system in 48 hours. Companies that have elevated security issues from the server room to the boardroom are tapping into IBM's worldwide security expertise, intelligence and technological resources to help preempt global attacks."

Many Fortune 500 companies and government entities in 34 countries around the world use a variety of IBM's monitoring services, such as its Intrusion Detection Service, Vulnerability Testing and Assessment Service, to keep abreast of current attacks and threats around the clock. On average, IBM's monitoring services detects 100 million suspected or actual attacks against customers each month. In addition, newly-discovered IT threats, such as new vulnerabilities, malware or general risks posed to IT environments, are assigned a potential severity score from 0 to 10 in various categories.

In other news, IBM today announced the appointment of Stuart McIrvine to the post of Global Security Strategy Director for IBM. He replaces Christopher O'Connor, who has moved to a new position within the IBM software division.

As part of IBM's Global Security Intelligence Services, IBM offers its strategic outsourcing customers access to its Global Business Security index. The Index will be available for businesses in the near future through a new IBM Security Intelligence Services subscription based offering.

Related XML feeds
Topics XML feeds
Services and solutions