February 25, 2004

BSD - the world's safest OS

"London, UK - 19 February 2004, 17:30 GMT - A study by the mi2g Intelligence Unit reveals that the world's safest and most secure online server Operating System (OS) is proving to be the Open Source family of BSD (Berkley Software Distribution) and the Mac OS X based on Darwin. The study also reveals that Linux has become the most breached online server OS in the government and non-government spheres for the first time, while the number of successful hacker attacks against Microsoft Windows based servers have fallen consistently for the last ten months."

To read the rest, you have to buy the report, but ...

You can see more in the article below, from last year:

Linux is favourite hacker target: Study

By JACK KAPICA Globe and Mail Update
Friday, Sep. 12, 2003

Linux, not Microsoft Windows, remains the most-attacked operating system, a British security company reports.

During August, 67 per cent of all successful and verifiable digital attacks against on-line servers targeted Linux, followed by Microsoft Windows at 23.2 per cent. A total of 12,892 Linux on-line servers running e-business and information sites were successfully breached in that month, followed by 4,626 Windows servers, according to the report.

Just 360 - less than 2 per cent - of BSD Unix servers were successfully breached in August.

The data comes from the London-based mi2g Intelligence Unit, which has been collecting data on overt digital attacks since 1995 and verifying them. Its database has tracked more than 280,000 overt digital attacks and 7,900 hacker groups.

Linux remained the most attacked operating system on-line during the past year, with 51 per cent of all successful overt digital attacks.

Microsoft Windows servers belonging to governments, however, were the most attacked (51.4 per cent) followed by Linux (14.3 per cent) in August.

The economic damage from the attacks, in lost productivity and recovery costs, fell below average in August, to $707-million (U.S.).

The overall economic damage in August from overt and covert attacks as well as viruses and worms stood at an all-time high of $28.2-billion.

The Sobig and MSBlast malware that afflict Microsoft platforms contributed significantly to the record estimate.

"The proliferation of Linux within the on-line server community coupled with inadequate knowledge of how to keep that environment secure when running vulnerable third-party applications is contributing to a consistently higher proportion of compromised Linux servers," mi29 chairman D.K. Matai said.

"Microsoft deserves credit for having reduced the proportion of successful on-line hacker attacks perpetrated against Windows servers."

Addendum 12 June 2004: This May PR from mi2g gives a bit of an update:

"The May figures for manual and semi-automated hacking attacks - 18,847 - against online servers worldwide show signs of stabilisation in comparison to each of the three previous months. At present rates, the projected number of overt digital attacks carried out by hackers against online servers in 2004 will be only 2% up on the previous year and would stand at around 220,000. If this trend continues, it will mark the slowest growth rate for manual and semi-automated hacking attacks against online servers according to records that date back to 1995. This confirms that the dominant threat to the global digital eco-system is coming from malware as opposed to direct hacking attacks."

Posted by iang at February 25, 2004 11:18 AM | TrackBack