Hacker activity is on the wane, observers say

Hacker activity is on the wane, observers say

Have hackers been taking a holiday?

'It's an impression rather than any empirical data,' said David Kennedy, director of research at TruSecure Corp. of Herndon, Va., but 'malicious traffic, if not down, is not increasing at the rate it was earlier.'

Some observers agreed.

There was less port scanning and fewer worms toward the end of 2001, 'during what has been a peak period in the past,' said Bill Wall, chief security engineer for Harris Corp. of Melbourne, Fla.

Wall based his comments on activity in the Harris network and those of customers. He said there also were fewer downloads from the company's Web site than he would expect during heavy hacker activity.

Wall, formerly with the Air Force's Computer Emergency Response Team, called December 'a busy time' for hacker activity because students are on vacation.

Fewest in three years

The Federal Computer Incident Response Center, the government's central point for responding to attacks, reported only 15 incidents in December. Although not a comprehensive count, that is the lowest incident report in the last 36 months. Wall speculated that higher alertness after Sept. 11 and increased fears of prosecution might play a part.

'A lot of people who used to be protected by civil libertarians don't feel protected now,' he said.

Alan Paller, director of the SANS Institute of Bethesda, Md., said it has become 'uncool for hackers to gratuitously hurt people.'

Whatever the reason, nobody is ready to declare victory in the security wars. 'I'm not saying this is a trend downward,' Wall said.

Paller, who said he had noted a decline last fall, added, 'There is new stuff happening that says the honeymoon is probably over.'

Computer Network Operations for the U.S. Space Command reported no change.

'The level of scanning and intrusion attempts against Defense Department networks remains steady, to the tune of about 40,000 this past year,' spokesman Maj. Barry Venable said. 'Folks attempt to intrude on DOD networks every day.'

The CERT Coordinating Center at the Software Engineering Institute at Pittsburgh's Carnegie Mellon University also noticed no overall decline. 'Certainly 2001 was very busy for widespread worm incidents,' said Chad Dougherty, security analyst at the clearinghouse for information on cyberthreats and fixes.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above