Online attacks on Germany unprecedented
news release
news release
& faq
London, UK - 14th May 2002, 1500 GMT – Internet sites associated
with Germany (.de and .com) as well as other German speaking countries such
as Austria (.at) and Switzerland (.ch) are suffering a dramatic increase in
online attacks in May. A total of 556 .de sites were defaced in 2001 but the
figure for 2002 is already much higher at 995, with 263 of these taking place
so far in May, according to the mi2g Intelligence Unit.
Sites defaced include hotels, retail businesses, universities and Internet
Service Providers.
The majority of the attacks are due to a single hacker group that became
active on 23rd March 2002. Since then, it has been responsible for 64% (484/752)
of .de defacements, 72% (108/150) of .at defacements and 54% (85/158) of .ch
defacements, with the rest being carried out by various smaller groups and
individuals.
Of the German systems defaced in 2002, 75% are running on Linux. These Linux
based sites deploy open source third party portal and forum applications.
The hacker group responsible for the recent attacks on German websites is
exclusively targeting Linux based sites, exploiting some of the known open
source application vulnerabilities.
“So far, the security balance appeared to be
tilting against proprietary applications but the recent wave of German attacks
has shown that vulnerabilities within open source applications can be just
as easily exploited,” said DK Matai, Chairman and CEO, mi2g.
“There is no substitute for configuration management,
which includes downloading the latest patches in a world of 24/7 connectivity.”
According to the mi2g Intelligence Unit, the updated figure of .com
defacements worldwide in 2001 was 9,022, while in 2002 the number so far is
3,559. The overall figure for web site defacements in 2001 was 31,291 while
in 2002 the number so far is 12,116.
An interesting feature of the recent attacks on the .de domain is that some
waves have been associated with single IP addresses, indicating that some
of the targeted groups of sites have been running on the same machine. Growth
in the deployment of virtual hosting systems, where a single machine hosts
many websites, is fast becoming a substantial source of digital risk.
Notes to Editors
About mi2g:
mi2g Digital Solutions Engineering pays particular regard to security.
mi2g advises on the management of eRisk and incorporates Bespoke Security
Architecture in its SMART sourcing solutions.
mi2g builds highly secure intranets and extranets, digital communities
and data warehouses that are specifically constructed for data mining, customer
relationship management and enhancing the network effect. For further information
– www.mi2g.com
What is Bespoke Security Architecture?
Bespoke Security Architecture brings together firewall layers, intrusion
detection and other defensive structures, as well as automated intelligence
techniques with legal, human resource and company policies.
What is Digital Risk Management?
Digital Risk Management deals with a variety of issues associated with implementing
digital solutions and integrating Service Level Management. It includes selecting
the optimum technology set, managing external partners and alliances, linking
payments to targets, defining rigorous quality control procedures, managing
the growth in online traffic post launch, achieving the expected return on
investment, and bringing about the changes in the corporate culture required
for successful eBusiness.
What is the Contingency Capability Radar?
The Contingency Capability Radar is an ISO 17799 based platform, containing
tools and templates to assess and visualise risk exposure of an entire global
enterprise.
What is SMART-Sourcing?
mi2g SMART-Sourcing is the careful selection of cost effective and
trustworthy suppliers from around the world for building and maintaining highly
secure digital platforms on a 24 by 7 basis.
First contact for additional information - Intelligence
Unit, mi2g
Telephone: +44 (0) 20 7924 3010 - Facsimile: +44 (0) 20
7924 3310 - eMail: Intelligence
Unit
Related Articles