X
Business
Home Business Tech Industry

CERT: Security flaw reports increasing

The number of reported computer system security flaws has increased dramatically, according to the CERT Coordination Centre
Written by Vivienne Fisher, Contributor

A dramatic increase in the number of reported computer system vulnerabilities has the global IT industry spooked, but the world's leading security authority said there is an upside to this threat.

Larry Rogers, a senior member of the technical staff at the US-based CERT Coordination Centre, told ZDNet Australia that for the 2001 calendar year, there were 2437 vulnerabilities reported. This compares with 1090 reported in 2000.

For the first three months of this year, 1065 had been reported, Rogers said.

What is responsible for such alarming growth in reported system vulnerabilities?

Rogers believes that there has been an increased awareness of security issues among businesses for a variety of reasons, including the 11 September terror attacks on the United States.

Threats posed by vulnerabilities have been on the radar of many businesses over recent months. Last week a Danish security research organisation warned users of a recently discovered software flaw which could leave their systems open to malicious code carried on Web pages or in emails.

There has also been an alert about a BIND vulnerability which could trigger a denial-of-service attack, and a growing number of virus warnings.

The CERT Coordination Centre, which studies Internet security vulnerabilities, handles computer security incidents and publishes security alerts, published 37 advisories during 2001, up from 26 for the previous year, Rogers said.

He said advisories were issued in response to both program vulnerabilities or configuration errors. "In some cases the person who finds it will report it to us, or we may read about it on some of the more widely known email lists," he explained. Vendors also report problems to CERT, Rogers said, which it then shares anonymously with other vendors before issuing an advisory.

According to Rogers, the vast majority of its constituency were professional system administrators, although others such as vendors also subscribe to its lists.

For all security-related news, including updates on the latest viruses, hacking exploits and patches, check out ZDNet UK's Viruses and Hacking News Section.

Have your say instantly, and see what others have said. Go to the Security forum.

Let the editors know what you think in the Mailroom.

Editorial standards
Show Comments

Related

Microsoft Copilot

7 reasons I use Copilot instead of ChatGPT

pxl-20240424-181716738

Facebook's Meta AI is lying when it says you can disable it - but here's what you can do

asus-zenbook-14-main

The work laptop I recommend to most people is not made by Apple or Lenovo