|
Public CSIRT related Statistics |
| (News) (Tools) (Service) | |
| eCSIRT.net > Services > Public Statistics |
As part of our working package 4 (WP4) we have collected links of publicly available statistics on computer security incidents.
Due to the fact that data on computer security incidents is usually treated highly confidential, public statistics on incidents are very rare and mostly not very detailed. But there are i.e. annual crime statistics of certain countries which have sections about so called cybercrime.
These do give some information on the type of incidents and show the amount of incidents.
If you know of any further public statistic that is not mentioned here than please notify us at: ecsirt@pre-secure.com.
Annual surveys among many different organisations by AusCERT for 2002 and 2003.
The statistics of CERT/CC are quite detailed. They show numbers of incidents reported, vulnerabilities reported, security alerts published, security notes published, mail messages handled and hotline calls received.
CERT-NL collects statistics since 1988. The incidents are sorted by type and specific groups.
CERT Polska's publicly available statistics from their early warning system ARAKIS that monitors some of the address space assigned to Polish networks. The system is meant to detect anomalies in large scale networks - primarily scanning activity as in new worms, mass exploits, botnets etc., in polish.
The statistics for this team are much more detailed in regard to incident categories and are given per month.
JANET-CERT collects statistics since 1997. They also sort incidents by type and specific groups.
LITNET CERTs provides statistics since 2001, only 2003 are in English - but provide interesting data about malicious code activities.
MyCERT collects statistics since 1997.
JPCERT/CC watches network traffic and reports trend information on their web site.
SWITCH monitors three /17 IP address ranges and collect the statistical information about the IP packets designated to these addresses.
"Distributed Intrusion Detection System". Offers a query, whether an IP is in a database of attacking IPs. ("Are you cracked") http://www.dshield.org/warning_explanation.php.
Works on a freewill basis, but receives some support from sans.org
Our own statistics of Incidents handled by a group of European CSIRTs and some more statistics from a widely distributed Intrusion Detection System with sensors in different national research networks. (Results from the official eCSIRT.net project - 2002/2003)
Statistic on attacks directed at the Honeynet.
Here you will find information only on how many exploits have been published rather than actual attacks.
Same statistics as provided by MyCERT.
Statistics similar to dshield.org. Both websites are operated by the SANS Institute.
Korean site with some statistics, unfortunately mostly in Korean language.
Annual german crime statistics with quite detailed section on so called cybercrime. Not all statistics are available in English.
You will find the latest report on computer crimes published by the Federal Police at: http://www.bka.de/lageberichte/index-iuk.html, in German.
Here you will find the annual 2003 CSI/FBI Computer Crime and Security Survey. The CSI freely admits, the survey is not intended to be scientific in any way. Rather, it is intended to "heighten security awareness, promote information protection, and encourage cooperation between law enforcement and the private sector." There is quite a wide range of spreadsheets, but also very detailed information. I.e. interesting numbers of cost of cyber crime!
The 2002 survey, the associated press release and a CNN report on the survey 2002.
The 2001 survey.
The 2000 survey.
On the website are statistics of number of attacks and scans detected by IDS and Firewall installed at Internet connection points of various Japanese police institutes.
The DHS has included a "Threat Level" indicator on their homepage.
The F-Secure website offers some statistics on viruses & worms.
Offers the KES/KPMG-Security study 2002 part one and part two (KES/KPMG-Sicherheitsstudie 2002), in German.
Statistics for specific viruses. And the Symantec Internet Security Threat Report Volume III.
Virus infections.
The WormWatch.org website by TruSecure offers some good statistics on internet worms.
An article on the Information Security Industry Survey which the magazine Information Security made in 2001. It gives some intresting numbers and spreadsheets on expenses spend by companies for IT security.
A dissertation submitted by John D. Howard in 1997, that analyzed trends in Internet security through an investigation of 4,299 security-related incidents on the Internet reported to the CERT Coordination Center (CERT/CC) from 1989 to 1995.
An article on Incident Cost Analysis written by David A. Dittrich in 2002.
Offers a very wide scope of information (about web-defacements, arrests, etc.) There are less spreadsheets and some numbers from Symantec are used here.
Security survey of approximately 2200 computing systems on the Internet that Dan Farmer did in November-December of 1996.
| eCSIRT.net > Services > Public Statistics | |
| (News) (Tools) (Service) |
 eCSIRT.net
The European Computer Security Incident Response Team Network News | Sitemap | Imprint | Privacy Statement | Contact | Top Last changed: November 26, 2004 / AL Copyright © 2002-2004 by PRESECURE Consulting GmbH, Germany |
Signed with PGP! 
|