IT security incidents almost double

Security incidents nearly doubled in 2001 compared to 2000, according to statistics released by US computer and network security...

Security incidents nearly doubled in 2001 compared to 2000, according to statistics released by US computer and network security body, the Computer Emergency Response Team (CERT) Coordination Center.

While 2000 saw 21,756 security incidents, 52,658 such incidents were reported in 2001, the CERT Coordination Center said.

CERT issues regular statements about security vulnerabilities in software, as well as virus and worms outbreaks, offers advice on keeping computer systems secure and helps to coordinate responses to some security incidents. CERT also maintains a hotline for reporting security issues.

Security incidents, which CERT defines as any related set of security events, have increased nearly every year since CERT was founded in 1988. That trend has risen sharply in the last few years with nearly 10,000 incidents reported for 1999, more than 21,000 in 2001 and now nearly 53,000 such events in 2001.

Reports of security vulnerabilities in software have followed the same trend as security incidents with a steady upward trend showing more than twice as many vulnerabilities in 2001 as in 2000. In 2001, there were 2,437 security vulnerabilities reported compared to 2000's 1,090 vulnerabilities, in turn compared with 417 in 1999.

Last year also saw more serious security events than most previous years, according to CERT's figures. The body published 41serious security alerts in 2001, up from 26 in 2000. 2001's figure, however, did not beat the highest-ever yearly number of 53, recorded for 1996.

Security incidents are going up in part because more people are more aware of security and are reporting more incidents, according to Chad Dougherty, an Internet security analyst at CERT/CC.

"Security awareness is increasing and we're starting to see more attention [paid] to Internet security," he said.

Attacks on widely deployed software also played a role Dougherty said. Two worms, Code Red and Nimda, both attacked Microsoft's IIS (Internet Information Service) Web server platform in the last half of 2001. IIS is deployed on millions of servers worldwide.

Events like Code Red and Nimda, as well as CERT's overall numbers, play up the point that "everyone on the Internet is dependent on everyone else" for security, Dougherty said.

"We still have a way to go in software development and producing software that doesn't contain those vulnerabilities right out of the box," he said.

Read more on IT risk management