Mac OS least prone to attack

Apple Computer's Macintosh was among the computer operating systems least prone to attack and damage from malicious hackers,...

Apple Computer's Macintosh was among the computer operating systems least prone to attack and damage from malicious hackers, worms and viruses in 2002, while Microsoft's Windows and the Linux operating systems were the most vulnerable, according to a new report.

The report, by technology risk management company mi2g, presents data on the discovery of software vulnerabilities and incidents of digital attack for 2002.

Data from the report is taken from mi2g's SIPS (Security Intelligence Products & Systems) database, which stores information on more than 6,000 hacker groups reaching back to 1995.

According to the company, 1,162 new software vulnerabilities were discovered during the first 10 months of 2002, including vulnerabilities discovered in operating systems, server software, and third party applications. Of that number, fewer than 25 were attributable to the Macintosh operating system (OS).

Two different versions of Unix shared top honours with Macintosh with fewer than 25 vulnerabilities: Compaq Computer's Tru64 and The SCO Group's SCO Unix.

In contrast, Microsoft's Windows operating system accounted for the lion's share of new vulnerabilities, with more than 500 vulnerabilities discovered affecting Windows operating systems. More than 200 vulnerabilities were discovered that affected the Linux operating system, according to information released by mi2g, based in London.

The number of vulnerabilities reported by software vendors and users so far this year is lower than the 1,506 vulnerabilities discovered during the whole of last year. However, mi2g notes that the pace of discoveries is picking up, with 301 new vulnerabilities discovered in the month of October.

The report also found that 2002 was the worst year on record for digital attacks, with almost 58,000 attacks taking place during the first 10 months of the year, a 54% increase from the 31,322 attacks recorded in 2001.

The number of vulnerabilities discovered in an operating system, as opposed to market share, correlated with the likelihood of an operating system being attacked, mi2g found.

Macintosh, which is used on between 3% and 5% of the world's computers, was the target of only 31, or .05% of all overt digital attacks through October 2002. Microsoft Windows, which is on more than 90% of all computers, was the target of 31,431, or 54%, of those attacks.

The cumulative economic damage of such attacks, worldwide, was estimated to be $7.3bn (£4.7bn) according to mi2g. When taken together with so-called "covert" attacks such as worms and viruses, however, that figure grows to between $33bn (£21.1bn) and $40bn (£25.6bn).

Mi2g estimates economic damage by collecting information from a variety of sources and estimating the cost of lost productivity as well as losses stemming from property rights violations, liabilities and share price declines, according to the company. It also recommends creating new, trusted computing platforms and secure operating systems from scratch, rather than relying on patches to fix vulnerabilities.

Read more on Operating systems software