Cyber attacks to exceed 1,200 per day
By CHARLES F. MOREIRA
28th November 2001

PETALING JAYA: The number of "cyber attacks" worldwide will exceed 1,200 attacks per day by next year, according to Alex Turkington, Asia Pacific vice-president of network security specialist Top Layer Networks International.

"There were 600 attacks per day in May (this year), and grew to 800 per day in August," Turkington told reporters here this week.

Nearly 40% of businesses worldwide experienced an attack on their information systems within the last year.

Industry watchers the HTRC Group and Infonetics Research Inc found that 88% of businesses with over 100 employees considered denial-of-service (DoS) attacks a critical security threat, while 53% of businesses with less than 100 employees felt the same way.

A DoS attack floods a webserver, for example, with so many requests for information that it overloads.

Topping the list of threats are others like trojan horses (80%) and worms (77%), followed by DoS-related attacks like IP spoofing (67%), typical DoS attacks (66%), distributed-DoS (DDoS, 65%), flood attacks (63%), ping-of-death (60%), smurf (57%) and the non-DoS related session hijack (58%).

Combined estimates by several industry watchers put the cost of cyber attacks worldwide since February last year at US$1.2bil (RM17.33bil).

Estimated costs of a 24-hour server breakdown varied from US$2.1mil (RM7.98) for a telephone company to US$156mil (RM592bil) for an auction company.

Turkington was speaking to reporters at the local launch of Top Layer's new network security and management appliances' the AS3530 series IDS Balancer and the Attack Mitigator.

The two appliances are the first in a series of Top Layer products designed for specific functions. They are derived from the company's existing AppSwitch and AppSafe appliances, which contain six functions and thus cost between US$22,995 (RM89,680) to US$26,995 (RM102,581) each.

In contrast, the IDS Balancer, available now, has prices that begin at US$11,995 (RM45,581). Prices of the Attack Mitigator, which will be available in the first quarter next year, will begin at US$9,000 (RM34,200).

"Our customers use these devices in different quantities at different points in their networks, so having cheaper products with specific point-functions gives users more flexibility in deployment, rather than having integrated, multi-function appliances performing one function at each point," said Turkington.

IDS Balancer is an ASIC-based (application-specific integrated circuit) intrusion detection system (IDS) appliance which monitors traffic between an organisation's firewall and content servers.

It distributes the monitoring load between several intrusion monitoring servers or server groups to help avoid one of them being overwhelmed.

The ASIC-based Attack Mitigator appliance sits between an organisation's firewall and the Internet. It can filter out 15 types of malicious packets, including HTTP-type worms like Nimda and Code Red, coming from the Internet before they reach the firewall, thus relieving it of the load.

The Attack Mitigator protects against attacks generated from within an organisation's network, thus protecting the user against legal action.

Additional malicious packet signatures can be added to the Attack Mitigator.

Top Layer plans more such "point-products."

Meanwhile, the company said it expects to this year capture between 1% and 2% of the estimated Asia Pacific (excluding Japan) server load balancing market worth US$300mil (RM1.14bil). Its major competitors include Cisco and Nortel.

For more information, call Top Layer at (603) 5518-2200 or check out its website at www.toplayer.com.