CERT: Security incidents nearly double in 2001

Total security incidents nearly doubled in 2001 compared to the prior year, according to statistics released Friday by the federally funded computer and network security body, the Computer Emergency Response Team (CERT) Coordination Center.

While 2000 saw 21,756 security incidents, 52,658 such incidents were reported in 2001, CERT/CC said.

CERT/CC, based at Pittsburgh's Carnegie Mellon University, issues regular advisories about security vulnerabilities in software, as well as virus and worms outbreaks, offers tips on keeping computer systems secure and helps to coordinate responses to some security incidents. CERT/CC also maintains a hotline for reporting security issues.

Security incidents, which are defined by the organization as any related set of security events, be they a large-scale virus outbreak or a much smaller one, have risen nearly every year since CERT's founding in 1988. That trend has risen sharply in the last few years with nearly 10,000 incidents reported for 1999, more than 21,000 in 2001 and now nearly 53,000 such events in 2001.

Reports of security vulnerabilities in software have followed the same trend as security incidents, as well, with a steady upward trend capped in 2001, which featured more than twice as many vulnerabilities as 2000. In 2001, there were 2,437 security vulnerabilities reported compared to 2000's 1,090 vulnerabilities and sharply up over 1999's 417.

Last year also saw more serious security events than most previous years, according to CERT/CC's figures. The body published 41 security alerts, it's most serious notification of security problems, in 2001, up from 26 in 2000. 2001's figure, however, did not best the single-year high mark of 53, set in 1996.

Security incidents are going up in part because more people are more aware of security and are reporting more incidents, according to Chad Dougherty, an Internet security analyst at CERT/CC.

"Security awareness is increasing and we're starting to see more attention (paid) to Internet security," he said.

Also playing a role in the increase in security events in 2001, were attacks on widely deployed software, Dougherty said. Two worms, Code Red and Nimda, both attacked Microsoft Corp. IIS (Internet Information Service) Web server platform in the last half of 2001. IIS is deployed on millions of servers worldwide.

Events like Code Red and Nimda, as well as CERT's overall numbers, play up the point that "everyone on the Internet is dependent on everyone else" for security, Dougherty said.

Although declining to make a prediction about this year, Dougherty expects that the rise in security incidents "is a trend we'll see increasing as time goes on."

"We still have a ways to go in software development and producing software that doesn't contain those vulnerabilities right out of the box," he said.

Dougherty advised users to check CERT's Web site, where the organization has posted papers on how to improve computer security, especially for home users.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Sam Costello

Computerworld
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?