With three months still remaining in 2001, the number of security incidents reported to CERTs coordination center in 2001 has already soared past the totals for 2000, according to statistics released by the organization on Monday.
So far this year, 34,754 attacks have been reported to CERT -- a 60 percent increase over the 21,756 incidents logged by the organization in all of 2000. If the incident reports continue at the current pace, 2001 could see more than 46,000 reported security attacks, more than twice the number of such breaches reported in 2000.
The CERT defines an incident as "attempts, either failed or successful, to gain unauthorized access to a system or its data."
The security centers report did not include analysis of the possible causes of the rise in reported incidents. Besides an increase in the number of attacks, the totals could also be affected by an increase in the number of sites participating in CERTs incident reporting system.
CERT officials were not immediately available for comment.
Internet security this year has been threatened by several self-propagating worms that targeted Internet servers and spread widely, including multiple versions of Code Red and Nimda.
In its annual report last year, CERT listed denial of service attacks, BIND domain-name-system-software vulnerabilities and the LoveLetter worm among the "most serious intruder activities" reported to CERT in 2000.
CERTs latest statistics also reveal a sharp rise in the number of software vulnerabilities reported to the Internet security center.
So far this year, 1,820 security vulnerabilities were logged by CERT, a 66 percent rise over the 1,090 reported during 2000. Both years show a marked increase over previous annual vulnerability report totals. From 1995 through 1999, an average of 300 security bugs were reported each year.
Brian McWilliams, Newsbytes
