Canada origin for corporate Internet attacks

Canada is one of just a handful of countries where Internet attacks against enterprises originate from, according to a new security report.

Alexandria, Va.-based Riptech Inc., a security services company, recently released results of the second stage of its Internet Security Threat Report. The study tracked data from the firewalls and intrusion detection systems of more than 400 companies in more than 30 countries during the first six months of this year.

Just 10 nations – including Canada, the U.S., France, Germany, Japan, South Korea, China, Taiwan, Great Britain and Italy – were the source of 80 per cent of the attacks, according to the report. The percentage of attacks from this group of countries grew by 10 per cent over the previous six-month period. Over that period Canada ranked sixth, accounting for three per cent of the overall attacks. The United States ranked first, accounting for 40 per cent of the overall attacks.

The companies that were monitored averaged 32 attacks per week in that period, up from 25 during the previous six months. Public enterprise, along with power and electrical companies, were the prime targets for attacks.

“It would be my expectation that Canadian companies had similar experiences as those in the U.S.,” said Elad Yoran, co-author of the report and executive vice-president of Riptech Inc.

The attacks centred on just 20 services that included Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP) Microsoft SQL and Unix SSH.

“Virtually all statistics indicate that the Internet remains intense, pervasive and potentially severe,” the study stated.

The report tried to stay away from motivation for the attacks, because it would require some speculation, and couldn’t be backed up by the data collected, according to Yoran.

“In terms of what hackers’ motivation might be, (it) could vary from financial gain to glory to information seeking to espionage,” Yoran said.

Riptech did uncover some positive news, finding that “companies may be achieving some level of success in defending against Internet attacks,” according to the report. It was also discovered that the number of companies suffering severe attacks had dropped by half – to 23 per cent – compared to the last six month of 2001.

In an effort to guard against attacks, enterprises should better train employees, as well as implement security hardware like firewalls and intrusion detection systems, with realtime security monitoring, a service offered by various companies, Yoran said.