79 Percent Increase Cyber Attacks
It was about time someone did this.
Riptech, a so called "Managed Security Provider, just last week released
a report revealing that the rate of cyber attacks has increased by 79
percent in the last six months. They came out with their Internet Security
Threat Report, which they say is the first report to actually
present cyber attack trends based on the empirical analysis of actual
cyber attacks detected against a global sample of security devices.
According to their report, the rate of attack activity increased by
79 percent between July and December 2001, with a substantial percent
of attacks (39 percent) targeted at a specific organization. A small
number of nations were the source of the vast majority of the attacks:
U.S. (30 percent), South Korea (9 percent), China (8 percent).
Interestingly, after adjusting for the number of Internet users in
each country, the intensity of attacks from Israel was nearly double
the attack intensity rate of any other individual country.
Riptech also found that different industries suffered significantly
different rates of attack intensity and severity. High tech, financial
services, media/entertainment, and power and energy experienced the
highest number of attacks per company, each averaging more than 700
attacks per company over the past six months. However, the power and
energy industry suffered the most, with companies in that industry
being subjected to severe attacks at a rate that was over twice the
mean of all companies in the sample set.
Attack intensity and intent varied moderately based on company size,
and differed significantly based on ownership type. Companies with
500 or more employees suffered at least 50 percent more attacks per
company than companies with less than 500 employees. Public companies
suffered approximately twice the number of attacks per company as
private and nonprofit companies. The Internet Security Threat Report
is based on a sample set of over 300 companies in more than 25 countries.
Getting the holes fixed in your environment is no longer a luxury item
but as necessary as taking a shower on a regular basis. Here's a tool:
Event Archiver Enterprise 3.5.63 Now Available
More and more, it seems like security admins spend a whole lot of
time on external intrusion detection at the peril of internal network
security. This is like putting 5 different deadbolts on your front door
but leaving your back door wide open with a welcome sign outstretched.
Who in your organization is looking out for employees stealing data
or rogue admins modifying elements of your NT/2000 domain? Who is
auditing your internal networks for threats from within?
Event Archiver, by Dorian Software Creations, Inc, lets you roll out
the level of auditing required to adequately secure a W2K/NT network.
Use its wizards to quickly deploy uniform audit policies and log
settings to member servers and workstations, regardless of whether or
not your organization has deployed AD and Group Policy. Let it
automatically collect and consolidate your event log data on your
schedule in the data format of your choosing. Configure it to run as
a central collection station without clients on remote machines, or
install it individually on isolated machines in workgroups or DMZs.
New Features in V3.5.63:
- Event Archiver now supports monthly archiving, in addition to daily,
weekly, and file size based archiving
- A user-definable "log fullness" definition has been added, so you
can control when a log is archived based on its file size
- Utilizes Windows Installer technology for super easy installations
on Windows NT/2000 machines, and now can be scripted for unattended
"We've had nothing but positive results with the product and we love it"
Sherry - Event Archiver customer with the U.S. Military
"Event Archiver is still going strong, archiving 3 GB of logs a week
to SQL 7.0, and has performed without error"
Danny - Event Archiver Customer with a U.K. media company
"Event Archiver is a great product for archiving multiple Win2K and NT
systems? event logs"
Windows 2000 Magazine, October 2001
Find out yourself why Event Archiver is the auditing tool of choice
for so many U.S. government agencies, defense department networks,
and large and small corporations worldwide. Click here to download
your free evaluation copy.
HFNETCHKPRO Now Pushes Patches
Scanning, analyzing and pushing patches is getting more and more
important. The new HFNETCHKPRO (included in the Shavlik Admin
Suite) features in the area of Patch Pushing are:
- Detailed error logging and displaying
- Scheduled updates
- Connected User notification of patch installation
- Remote shutdown and restart of SQL and IIS to assure quality updates
- Support machines that are not running the Scheduler
- Log events to allow for tracing and reporting
- Support the RunOnceEx setting to allow for controlled installation
- Emergency server shutdown support to quarantine virus attack
- Advanced patch copy
- Full reporting and tracking using and open database
Check it out at:
- Advanced GUI with search and scan engine that allows users to only
look for the computer types they want to check for including IIS, SQL
- Uses a full relational to database for scan history and full
analysis and reporting
- IP look up on NT systems to allow for range scanning form NT desktops
- International support
- Input Files for the creating of robust batch files
- Advanced IP lookup and scanning to find all the computers on your network
- Workgroup and OU support
- HTML and XML output for custom application integration
- Directory Services Support