Riptech Releases Elite Hacker Profile

Internet managed security firm Riptech, Inc., has released volume II of its Internet Security Threat Report, showing that Internet attacks grew at an annualized rate of 64 percent in the period in the first six months of this year and provides what the Alexandria, Va.-based company calls the “first insight into U.S. designated terrorist states’ cyber-attack volume and patterns.”

Riptech notes in the report that attacks originating from these areas exhibit different scan patterns than those from other nations.

The report cuts through the massive volume of low-impact malicious activities to reveal a highly focused, small demographic of elite hackers. Comprising less than one percent of all cyber assailants, these hackers are marked by a high number of attack signatures, extended attack duration, and their focus on a small number of select targets.

Providing a new twist on the known Code Red worm, the report points to new evidence of smoke screen attacks. It notes a small percent of Code Red attacks originated from UNIX systems, which is technically impossible. This finding raises concern about known attack complacency and the potential vulnerability posed by emerging smoke screen attack strategies.

Derived from a sample set of more than 400 companies in over 30 countries throughout the world, the Riptech report is based on the world’s largest repository of cyber-attack data. Based on the empirical analysis of actual cyber attacks detected against a global sample of security devices, the report provides a detailed analysis of attack trends that affect the entire Internet, specific industries, and individual corporations.

Key metrics from the report include:

  • U.S. designated terrorist states with the most cyber-attack activity included: Iran, Pakistan, Egypt, Kuwait, and Indonesia
  • ;

  • Highly aggressive attacks were 26 times more likely to result in a severe attack than moderately aggressive attacks
  • ;

  • 70 percent of power and energy companies suffered a severe attack, as opposed to 57 percent in the prior six-month period
  • ;

  • Public companies were twice as likely to experience at least one severe attack and twice as likely to suffer a highly aggressive attack than private, nonprofit, and government entities combined
  • ;

  • 80 percent of all attacks originated from only 10 countries, up from 70 percent during the prior six-month period: United States, Germany, South Korea, China, France, Canada, Italy, Taiwan, Great Britain, and Japan
  • ; and

  • 99.9 percent of attack scans are focused on only 20 services, suggesting that the vast majority of attacker reconnaissance is focused on a relatively few amount of entry points
  • .

    Trends presented in the report are made possible by Riptech’s security monitoring service. The company provides management, monitoring, analysis, and response against suspicious activities detected across firewalls, VPNs, and IDS. Volume II of the Internet Security Threat Report is available on Riptech’s Web site at

    Previous articleVPN Client for Pocket PC Released
    Next article415

    News Around the Web