And not just because there are more of them...
By Pia Heikkila
Published: 18 July 2002 16:40 GMT
Attacks on Linux-based websites have risen dramatically over the past year.
A study by UK security consultancy mi2g found 7,630 attacks on Linux systems during the first half of 2002 in comparison to just 5,736 for the whole of 2001.
The report described the attacks as "overt hacking attacks", which include website defacements and bulletin board modifications. The study did not include any damage caused by worms, viruses or other malware.
The company claimed the reason for the sudden rise in the number of attacks is threefold. D K Matai, CEO of mi2g, said: "The number of machines running on Linux systems has increased a lot and so have the attacks. Secondly the open source software running on top of Linux OS is often vulnerable to attacks. And finally OS system admins have been slack to pay attention to vulnerabilities. They have failed to patch the systems."
The report also found that attacks on Microsoft's IIS server dropped by 20 per cent during the first half of 2002 to 9,404, from 11,828 during the same period last year.
Matai said: "Hackers always go for the low hanging fruit - if it is easier to hack into open source systems, they will do it. Those system admins running IIS are paying more attention to the vulnerabilities because of the mass publicity last year."
mi2g's Security Intelligence Products and Systems (SIPS) database has information on more than 6,000 hacker groups and maintains a record of more than 60,000 individual hacking events.
Richard Hollis, managing director of security consultancy Orthus, said the number of Linux hacking tools has risen sharply too.
He said: "The rise in attacks on Linux servers is only due in part to the rise in popularity of them. It's a chicken-or-the-egg type of statistic. I would sooner credit the increase to the growing number of Linux hacking tools available over the web. Everyday there is a new one available for virtually every flavor of Linux.
"The tools are becoming increasingly easier to use and the companies are experiencing the results of this fact."
Mobile device testing, Ethical Hacking, Security testing, Vulnerability scanning. Able to identify vulnerabilities and recommend remediation. Able to ...
Active Directory, Exchange * Microsoft IIS Web Server * Intel Server Hardware * Backup products (Ideally Netvault) * Antivirus products (Ideally ...
In-depth experience of web applications, web portal technologies and security, advanced understanding of web vulnerabilities and countermeasures ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Nick Heath Your top HR tech priorities for next year revealed How to make human resources IT work for you
Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business