zone-h.org, the agency that monitors and records cyber attacks, often uses intelligence from attackers themselves to think that Web servers are being attacked and the number of hacked sites is soaring-a trend that will intensify as more users adopt VoIP technology. But does this mean that the real catastrophe is merely an exaggerated phenomenon? From an IT professional's point of view, it's hard to say.
"Is there an increase in the number of attacks on network servers due to the increase in the number of network servers, or are there more vulnerabilities?" The Assistant Information security officer at the University of Texas, the founder of the antivirus Information exchange network, Paul Schmehl, said in reply to an e-mail: "If you listen to their explanation for this phenomenal increase, it's because there are more Web servers, not more vulnerabilities." The increase in the number of servers therefore causes an increase in the number of attacks on the server. Because there are always a percentage of servers that are vulnerable to attack because of negligence or other reasons. ”
The European Conference on Information Security, held in London this week, unveiled about 400,000 attacks worldwide over the past year. 2500 of the 45 million servers were successfully hacked every day, the report said. In a statement, the agency warned: "When voip/3g telephones become popular, it will likely increase to 80,000 attacks a day." ”
Zone-h's founder, Roberto Preatoni, said in a prepared statement: "Once the GSM phone platform is replaced by a voip/3g phone that works the same way as an Internet server (each with its own IP address), the number of servers will increase to 1.5 billion." Each phone/terminal will face the same vulnerabilities as a network server and a personal computer. With simple multiplication, it is possible to calculate a 80,000-day hacker attack on devices with important data. ”
Hacking can even turn the phone/terminal into a remotely controlled eavesdropping device, causing a complete loss of privacy and opening a path for a large number of industrial spies.
The agency lists the following data:
392,545 network server attacks occurred in 2004, up 36% from the previous year;
In 2004, 70,357 incidents of single black incident and 233188 large area of black events occurred;
186 attacks specifically targeting the United States government servers;
3918 attacks on computer domains of vulnerable government agencies in the global context, as well as 194905 single IP attacks between 2000 and 2004.
Zone-h said its database includes several years of information on nearly millions of server attacks, and its volunteers received 2500 attacks a day. Zone-h analyzes and records information such as the timestamp of the attack, the software version of the Web server, the operating system, the attacker's motives and other technical details.
Preatoni added that Zone-h has 50 permanent support staff in various time zones around the world, whose job is to confirm and eventually record the reported attack, and 99% of the attacks are reported by the attackers themselves. In the attackers ' world, it has become customary for the attackers to have more attention to their interests, for their own good.
He says anyone can anonymously notify Zone-h about a server attack, and he only needs to visit ZONE-H's notification page. Zone-h says it does not block, advertise, or participate in attacks that are recorded in its database.
For Preatoni's warning about VoIP, Schmehl said: "I don't know much about VoIP, whether 3G phones have servers or just the clients." In addition, if it is a server, does it have active content (active) functionality? ”
If not, he added, there would be little point in discussing the issue. They have their own IP address and each of them has a network server is very far.
"In general, this sounds similar to the usual use of FUD (fear, uncertainty, suspicion---, or psychological terror tactics) to promote security solutions. ”