Studies reveal positive security trends

Depending on whom you ask, attacks on systems and companies are either increasing, or companies are starting to do a better job of fending off those attacks.

According to Donovan Gow, vice-president of equity research with American Technology Research in Greenwich, Conn., the IT security picture, while gloomy, is not altogether bad. Various statistics suggest that the number and severity of attacks is slowly declining. He cited two studies that show the number of unauthorized uses of computer systems and computer vulnerabilities appear to be dropping over time.

According to the Computer Security Institute and the F.B.I., reports of unauthorized used of computer systems, meaning systems that were successfully breached and compromised, declined from 58 per cent in 2003 to 53 per cent in 2004. Another study from Frammingham, Mass-based CERT Coordination Center found that the number of computer vulnerabilities also declined by about eight per cent in 2003, and seems on track to be the same by the end of this year.

Gow said companies are notoriously reluctant to go on record about security breaches. Still, he said the numbers do show a consistency from year-to-year and cannot be easily dismissed. And since no companies are named in the studies, they may be more forthcoming than they would be otherwise.

However, no one is suggesting that companies let down their guard anytime soon.

Gregg Mastoras, senior security analyst for Sophos in Boston, Mass., said one distinct trend that emerged in 2004 was a rise in the number of target attacks against banks and other online institutions using viruses and Trojans. The “Banker-AJ” Trojan was used in Brazil in late October to quietly gather users’ online banking and login information. It cost Brazilian banks and consumers some US$30 million. The Trojan-based attack later appeared in Europe and North America.

While Windows-based systems remain the target of choice for hackers and virus writers, Mastoras suggested Unix systems will likely start to suffer more attacks next year.

“While Unix, in terms of the number of viruses (made for it) pales in comparison to Windows viruses, we think that will change,” he added. “I think a lot of companies in the past thought that since there were not a lot of Unix viruses out there that Unix servers did not need protection.”

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now