Hack attacks on Linux sites rocket

NEWS Attacks on Linux-based websites have risen dramatically over the past year. A study by UK security consultancy mi2g found 7,630 attacks on Linux systems during the first half of 2002 in comparison to just 5,736 for the whole of 2001. The report described the attacks as "overt hacking attacks", which include website defacements and bulletin board modifications. The study did not include any damage caused by worms, viruses or other malware. The company claimed the reason for the sudden rise in the number of attacks is threefold. D K Matai, CEO of mi2g, said: "The number of machines running on Linux systems has increased a lot and so have the attacks. Secondly the open source software running on top of Linux OS is often vulnerable to attacks. And finally OS system admins have been slack to pay attention to vulnerabilities. They have failed to patch the systems." The report also found that attacks on Microsoft's IIS server dropped by 20 per cent during the first half of 2002 to 9,404, from 11,828 during the same period last year. Matai said: "Hackers always go for the low hanging fruit - if it is easier to hack into open source systems, they will do it. Those system admins running IIS are paying more attention to the vulnerabilities because of the mass publicity last year." mi2g's Security Intelligence Products and Systems (SIPS) database has information on more than 6,000 hacker groups and maintains a record of more than 60,000 individual hacking events. Richard Hollis, managing director of security consultancy Orthus, said the number of Linux hacking tools has risen sharply too. He said: "The rise in attacks on Linux servers is only due in part to the rise in popularity of them. It's a chicken-or-the-egg type of statistic. I would sooner credit the increase to the growing number of Linux hacking tools available over the web. Everyday there is a new one available for virtually every flavor of Linux. "The tools are becoming increasingly easier to use and the companies are experiencing the results of this fact."