Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.

ATLANTA, July 14, 2003 -- Internet Security Systems, Inc. (ISS) (Nasdaq: ISSX), today releases its Internet Risk Impact Summary Report (IRIS) for the second quarter of 2003, which reveals that the number of serious security incidents increased by 13.7 percent from the first quarter. While low-level hacking activity decreased slightly, ISS X-Force™ researchers attribute the increase in confirmed security incidents to a larger number of threats that take advantage of known vulnerabilities. Over the past two quarters, the gap between methods of attack, known as threats, and vulnerabilities in software and systems has narrowed. Hacking activity takes advantage of this narrowed gap, using older threats and techniques that are widely known by hackers, but not patched by IT departments and thus still open to attack.

"Historically, the number of vulnerabilities has outpaced threats. The increase in threats is overwhelming companies that cannot keep up with the demands of patching systems," says Chris Rouland, vice president of Internet Security Systems’ X-Force security intelligence team. "The challenge most companies must deal with is discovering and protecting the most critical risks within their organizations. As a long-term goal, they need to minimize vulnerabilities, as hackers will try to attack less-protected systems and emerging platforms."

ISS’ IRIS is the only quarterly report to provide cyber attack trends based on factors such as the industry’s largest number of monitored security devices, actual attacks detected and researched vulnerabilities.

Highlights and Report Findings:
· Security Trends: The X-Force expects an increasing risk from attackers targeting emerging
Internet communities, especially users that make use of broadband access from a home office, wireless technologies, and file sharing and messaging applications. This increased risk is also a result of corporate laptops and workstations being used outside the organization on home-based broadband networks.

HTTP, SNMP In, SMTP, and FTP are ports targeted and used often by attackers. While FTP and HTTP are still among the top-ten attack destinations, attacks have decreased on these ports by an average of 46 percent and 96 percent over the last six quarters. This is likely due to patching of vulnerable code-bases and better protection of the FTP and HTTP ports in particular.

Security Events: 24.5 percent of security events occurred over weekends in the second
quarter of 2003. Wednesday showed the highest rate of security events, registering an average of 1,809,222.

After tracking 20 industry sectors targeted by attacks in the second quarter, the following major industries ranked in the following order of most to least attacked. Services – 24.23 percent; Financial & Insurance Services – 19.43 percent; Retail – 15.69 percent; Manufacturing –10.6 percent; Federal, State and Local Government – 7.56 percent; Food & Drug – 5.16 percent; Information Technology – 4.26 percent; Healthcare – 2.86 percent.

· Vulnerabilities: ISS added 727 new vulnerabilities to the X-Force database, a 20 percent
increase compared to Q1 2003 when 606 new vulnerabilities where added.

The vulnerabilities for Q2 2003 were classified into the following risk levels: 209 High, 377 Medium and 141 Low. High security issues are those that allow immediate remote or local access, or immediate execution of code or commands with unauthorized privileges.

· Worms and Hybrid Threats: The gap narrowed between vulnerabilities and threats for the
second consecutive quarter:
- 654 threats were identified in Q2 2003 compared to 727 vulnerabilities in Q2 2003
- 752 threats were identified in Q1 2003 compared to 606 vulnerabilities in Q1 2003
- Historically, from Q1 through Q4 2002: 494 threats compared to 2,374

· AlertConSM Risk Levels: During the second quarter of 2003, ISS observed 83 days at
AlertCon 1, 8 days at AlertCon 2, and 0 days at AlertCon 3 and 0 days at AlertCon 4, which is reserved for the most severe attacks.

Investigation of an exploit for the Sendmail Email Processing Vulnerability resulted in four days at AlertCon 2. In addition, the acceleration of Bugbear.B worm’s infection rate in the first 24 hours of propagation raised the threat to AlertCon 2 for four days.

The X-Force Daily AlertCon, a measure of current and forecasted Internet threats, is available on the ISS Web site at Determined by the X-Force, the AlertCon level (1-4) provides a real-time indication of the Internet threat environment. The daily AlertCon level helps customers quickly determine the prevailing Internet threat condition and review critical security details.

The complete Q2 2003 Internet Risk Impact Summary Report is available for free download on Internet Security Systems’ Web site at For more information on the latest security protection including response strategies to hybrid threats, ISS white papers are available online at

X-Force Internet Risk Impact Summary Report Methodology
Developed by the X-Force, Internet Security Systems’ world-leading security intelligence organization, each IRIS report includes statistical data and trend analysis derived from examining more than 400 network and server-based intrusion detection sensors. This data was gathered on a 24/7 basis from April 1 to June 30, 2003. This international sample is drawn from four continents and represents all major industries including banking/insurance, telecommunications, manufacturing/retail/food, entertainment, healthcare, government, utilities, transportation/aviation, and information technology. In operation since 2001, Internet Security Systems’ X-Force Global Threat Operations Center (GTOC) based in Atlanta analyzes the security data for this report gathered from ISS’ five security operations centers (SOCs) located around the world. The IRIS report also includes X-Force laboratory research, and industry information gathered from interaction with top government, industry, and acad
emic sources to detail the most accurate and holistic Internet threat assessment in the industry.

About Internet Security Systems’ X-Force
Internet Security Systems’ X-Force is a world-leading organization of security experts dedicated to researching, alerting and educating customers, partners and the public on the state of global Internet threats and attacks. The X-Force identifies, assesses, and measures the severity of Internet threats and vulnerabilities and monitors security incidents. X-Force Professional Security Services also includes consulting and professional service offerings – security assessments, penetration testing and emergency response services. X-Force findings, accompanied by technical recommendations and protection strategies as well as other industry alerts and advisories, are available through Internet Security Systems’ online security center at

About Internet Security Systems, Inc.
Internet Security Systems, Inc. (ISS) (Nasdaq: ISSX) is the world leader in Dynamic Threat Protection™ products and services that protect critical information assets from an ever-changing spectrum of threats and misuse. Products from Internet Security Systems dynamically detect, prevent and respond to sophisticated threats to networks, servers and desktops. Services include 24/7 system monitoring, emergency response and access to the X-Force, Internet Security Systems’ renowned research and development team. Internet Security Systems is the trusted security provider for more than 11,000 corporate customers, including all of the Fortune 50, the top 10 largest U.S. securities firms, 10 of the world’s largest telecommunications companies and major agencies and departments within U.S. local, state and federal governments. Headquartered in Atlanta, Ga., Internet Security Systems has additional operations throughout the Americas, Asia, Australia, Europe and the Middle East. For mor
e information, visit or call 0800 085 2976.

For more information on Internet Security Systems, please contact:
UK: Richard Millar, UK/Ireland Sales and Marketing Director
Tel: +44 (0)20 7653 9191,

EMEA: Andrea Andernach, EMEA PR & Events Co-ordinator
Tel: +32 (0)2 479 67 97,

UK/Ireland press contacts for Internet Security Systems are:
Technology: Jane Lee, Dexterity
Tel: +44 (0)1273 470199,

Business: Andrew Smith, Object Marketing Ltd.
Tel: +44 (0)20 8762 9292,

Internet Security Systems, X-Force and Dynamic Threat Protection are trademarks and AlertCon is a service mark of Internet Security Systems, Inc. All other companies and products mentioned are trademarks and property of their respective owners.

This press release was distributed by ResponseSource Press Release Wire on behalf of Object Marketing in the following categories: Consumer Technology, Personal Finance, Business & Finance, Computing & Telecoms, for more information visit