Government computers top target for cyberattacks

By Daniel Pulliam

August 5, 2005

Cyberattacks on computer systems escalated in the first half of 2005 and government agencies were targeted more than any other business sector, according to a new report.

Attacks on the government, financial services, manufacturing and health care industries have risen 50 percent since the beginning of the year, according to IBM's Global Business Security Index Report.

In the first half of 2005, there were more than 237 million security attacks worldwide, with 54 million directed at the U.S. government. The manufacturing sector received about 36 million attacks, followed by the financial services industry with 34 million and health care with 17 million.

Attacks considered to be relatively harmless-such as spam or basic computer viruses-declined. IBM analysts concluded that for-profit attacks are becoming dominant, particularly those involving phishing-the use of e-mail to try to fraudulently obtain personal information.

The percentage of spam in total e-mail traffic dropped from 83 percent in January to 67 percent in June, but e-mails containing viruses increased by 50 percent during the same period, the report stated.

In December 2004, one in every 52 e-mails contained a malicious security threat, such as a virus. By January 2005, the ratio had jumped to one of every 35 e-emails. By June, the number reached one in every 28 e-emails.

IBM analysts believe the majority of cyberattacks now are carried out by criminal gangs, which have become smarter. In the first half of 2005, MessageLabs, a security and management firm that partnered with IBM in writing the report, recorded more than 35 million phishing attempts. In 2004, MessageLabs recorded about 25 million such efforts.

One type of phishing, known as spear phishing--which involves coordinated attacks on specific organizations or individuals for the purposes of getting important data--has grown more than tenfold since the beginning of the year, the report stated.

Alan Paller, director of research at the security group SANS Institute, said that spear phishing is turning into an epidemic. But despite the growing extent of the problem, Paller says that the federal government has been ineffective in responding to the threat.

"This is a huge problem," Paller said. "They need to have a strategy for dealing with it, and I don't mean a go-to-meetings strategy, but an actual action strategy that they can undertake."

Paller criticized the 2002 Federal Information Security Management Act, which requires agencies to publish reports certifying and accrediting major systems and applications for security risks--a time- and resource-consuming process.

"Agencies are spending significantly more [time and money] writing reports and less protecting their networks," Paller said. "Let's stop writing reports and get the stuff fixed."

The United States was the source of the most attacks in the period studied, with 12 million, followed by New Zealand with 1.2 million and China with 1 million. Attacks were most likely to occur on Fridays and Sundays and between 1 a.m. and 6 a.m.

By Daniel Pulliam

August 5, 2005