Hackers Most Active Around Christmas, Rest During Other Months

According to security professionals, cyber criminals like spammers prefer unleashing their assaults at the time when no one would be minding the store, therefore hackers consider Christmas as the most appropriate period of the year to strike.

A survey conducted by 'Tufin Technologies' a security company in Israel found that the majority of malevolent Internet activities occurred during the holiday period of Christmas till New Year.

According to the survey that interviewed computer hackers at the Las Vegas held Defcon hacker conference in August 2009, 81% of respondents operated more vigorously when people were in their winter vacations; 56% said that Christmas was the most appropriate period to hack corporate computers, while 25% cited New Year's Eve, the most appropriate.

Tufin states that attendees at Defcon remain anonymous, but it was evident that those participating in the survey possibly comprised ethical law enforcement, security officials and blackhat hackers.

During the vacation when there are staff shortages in organizations since employees go out on holiday trips, hackers find it their favorite time to strike. Michael Hamelin, Chief Security Architect at an Israeli firm Ramat Gan, said that the number of people actually performing company tasks during holidays was considerably low, as reported by PCWorld on August 25, 2009.

Hamelin added that the trend was of targeting a larger audience when users might be lowering their security around Christmas, sharing holiday e-mails and shopping online.

Although only 11% of survey participants stated that the most suitable period for hacking organizations was the summer, a number of strikes had been launched during July-August, for instance - the Koobface worm attack against Facebook in 2008, along with its precursors Blaster, Zotob and Sobig.

Moreover, 96% of respondents felt that organizations were uselessly spending funds on safety measures in case security professionals missed configuring and monitoring corporate firewalls.

86% of participants believed that they could effectively penetrate firewalls to hijack a network, 25% felt that was possible in minutes, 14% in some hours.

Thus, according to security experts, organizations, which concentrate on compliance, need to realize that it is IT security which needs greater attention.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 9/10/2009