Apple Computer's Macintosh was among the computer operating systems
least prone to attack and damage from malicious hackers, worms and
viruses in 2002, while Microsoft's Windows and the Linux operating
systems were the most vulnerable, according to a new report.
The report, by technology risk management company mi2g, presents
data on the discovery of software vulnerabilities and incidents of
digital attack for 2002.
Data from the report is taken from mi2g's SIPS (Security
Intelligence Products & Systems) database, which stores
information on more than 6,000 hacker groups reaching back to
1995.
According to the company, 1,162 new software vulnerabilities were
discovered during the first 10 months of 2002, including
vulnerabilities discovered in operating systems, server software,
and third party applications. Of that number, fewer than 25 were
attributable to the Macintosh operating system (OS).
Two different versions of Unix shared top honours with Macintosh
with fewer than 25 vulnerabilities: Compaq Computer's Tru64 and The
SCO Group's SCO Unix.
In contrast, Microsoft's Windows operating system accounted for the
lion's share of new vulnerabilities, with more than 500
vulnerabilities discovered affecting Windows operating systems.
More than 200 vulnerabilities were discovered that affected the
Linux operating system, according to information released by mi2g,
based in London.
The number of vulnerabilities reported by software vendors and
users so far this year is lower than the 1,506 vulnerabilities
discovered during the whole of last year. However, mi2g notes that
the pace of discoveries is picking up, with 301 new vulnerabilities
discovered in the month of October.
The report also found that 2002 was the worst year on record for
digital attacks, with almost 58,000 attacks taking place during the
first 10 months of the year, a 54% increase from the 31,322 attacks
recorded in 2001.
The number of vulnerabilities discovered in an operating system, as
opposed to market share, correlated with the likelihood of an
operating system being attacked, mi2g found.
Macintosh, which is used on between 3% and 5% of the world's
computers, was the target of only 31, or .05% of all overt digital
attacks through October 2002. Microsoft Windows, which is on more
than 90% of all computers, was the target of 31,431, or 54%, of
those attacks.
The cumulative economic damage of such attacks, worldwide, was
estimated to be $7.3bn (£4.7bn) according to mi2g. When taken
together with so-called "covert" attacks such as worms and viruses,
however, that figure grows to between $33bn (£21.1bn) and $40bn
(£25.6bn).
Mi2g estimates economic damage by collecting information from a
variety of sources and estimating the cost of lost productivity as
well as losses stemming from property rights violations,
liabilities and share price declines, according to the company. It
also recommends creating new, trusted computing platforms and
secure operating systems from scratch, rather than relying on
patches to fix vulnerabilities.