Report: Net attacks increasing
Network protection company Internet Security Systems concludes in a new report that threats are getting worse.
The survey found that 725 new software flaws in the third quarter of this year, down slightly from 727 found in the second quarter. However, the 823 new worms and viruses that appeared between July 1 and September represented a 26 percent increase from the previous three months.
"The window of time between vulnerability disclosure and the release of a working exploit continues to shrink, leaving enterprises with even less time to learn about and prevent attacks," Chris Rouland, vice president of Internet Security Systems' vulnerability research team, said in a prepared statement.
 | ||||
| | | ||
| Get Up to Speed on... Enterprise security  Get the latest headlines and company-specific news in our expanded GUTS section. | | ||
| ||||
| ||||
The conclusion meshes with previous reports. Security software maker Symantec also pointed to anecdotal evidence that the time was shrinking between the first public mention of details of a software flaw and the release of code exploiting the flaw. Three serious Internet attacks--MSBlast, MSBlast.D and SoBig.F--struck in August.
Not all experts agree, however. The Computer Emergency Response Team (CERT) Coordination Center's latest report indicates that the number of flaws that will appear in 2003 is likely to be smaller than in 2002. That's a first: Between 1999 and 2002, the number of vulnerabilities recorded by CERT roughly doubled every year.