Previous Story
Study Reveals Massive Server Vulnerabilities
Posted On 20 Feb 2003
NEWS BRIEFS
Most networks and servers appear to be extremely vulnerable to random hacker attacks from the day they are connected to the Internet, a new study from PSINet Europe suggests.NEWS BRIEFS
Most networks and servers appear to be extremely vulnerable to random hacker attacks from the day they are connected to the Internet, a new study from PSINet Europe suggests. The study also said that many companies did not have the proper security solutions in place to protect their IT assets against attacks.
An anonymous, unprotected “dummy test” server that contained no data and had no public profile was attacked more than 460 times within 24 hours of being installed in PSINet Europe’s Amsterdam data center over the holiday season in Dec. 2002 – Jan. 2003.
The company said the server was attacked daily over a three-week period, including nine attacks on Christmas Day and 14 on Boxing Day. In total, the server was subjected to 626 malicious attacks during the testing period. “Hackers clearly don’t take holidays,” said Stephen Scott, Managing Director of PSINet Europe.
The report made several additional discoveries of note during the testing period:
· A significant number of attacks came from broadband or cable ISPs, suggesting that as capacity increases, so too does the ability of hackers to identify a wider range of targets, and they are using a larger array of methods and tools;
· The bulk of attacks originated in the USA and Western Europe instead of perceived traditional “hacker hotspots” like Eastern Bloc countries;
· Germany, Italy, the Netherlands and the UK were the most popular locations of attack originators within Europe, while Russia, Bulgaria and Romania hardly made a dent in the study’s results.
“Our dummy server should by rights have sat in splendid isolation in the data center – with no connections, scans or attacks expected,” Scott said. “Instead, we found that nearly 500 intrusions were attempted on day one of its installation.”
The company also pointed out that most corporate customers are not well-attuned to their security needs, which could mean a great opportunity for hosting and service providers to either upsell current accounts or provide security-based services as a standalone feature. According to the UK’s Department of Trade and Industry (DTI), only 27% of UK firms spend more than 1% of their IT budget on information security; an interesting point given that DTI says 44% of UK businesses have suffered at least one malicious breach in the past year.
The fact that most of the attacks originated in Western Europe instead of Eastern Europe is also significant, as most firms tend to concentrate their efforts against hackers in more eastern regions. PSINet Europe’s study therefore suggests that components of these efforts may be misplaced.
“The issue here is not just that firms aren’t doing enough to protect themselves, but also that they are not spending enough time analyzing exactly what the threat is to their online presence, and what security measures would best serve to protect them,” Scott said.
PSINet Europe, which provides access and hosting solutions to European businesses, was previously a subsidiary of bankrupt ISP PSINet. It is now a joint venture that involves Unicorn Worldwide Holdings, the firm that owns ClearBlue Technologies, and an Israeli Corporation. The revitalized company has five data centers throughout Europe.
Adam writes for The Web Host Industry Review and is a staff writer for Hosts4Porn, a Web hosting directory and resource site geared exclusively to adult Webmasters. Adam can be reached at adam@hosts4porn.com.
