The research, done on behalf of the Infosecurity Europe Conference taking place April 26-28, found that 392,545 cybercrime attacks were committed last year, representing a 36 percent increase compared to 2003.
The report revealed that around 2,500 of the world’s 45 million servers are hacked every day.
The majority of attacks are web defacements, in which the public-facing pages on a site are changed to carry a message spelling out which hacker or group is responsible — the cyber equivalent of a graffiti artist “tagging” a wall.
But “defacement is just one option for an attacker,” according to Zone-H founder Roberto Preatoni.
“In most circumstances, the techniques used by defacers are the same used by serious criminals to cause damage,” Preatoni said.
The figures show that around 55 percent of the attacks exploited known bugs or vulnerabilities as well as administrative mistakes.
The report also attempts to provide some insight into the motivations for the attacks. Often, groups of six or seven hackers will compete with rival groups to commit the most talked about site attacks, other do it to make political statements or for more nefarious reasons, such as to gain access to private information.
Preatoni predicted that attacks soon will become more frequent, potentially ballooning to as many as 80,000 attacks per day with the growing adoption of 3G and VoIP devices, which work much like web servers.
“Each of these phones will potentially be subject to the same vulnerabilities as traditional web servers and personal computers,” he noted. This “could even turn the phones into remote-control snooping devices, leading to a complete loss of privacy.”
The report suggests that attacks rise steeply during holidays and school breaks, leading some analysts to believe school-aged hackers are to blame.
“If you look at the motive, it’s mostly just kids, students on both sides attacking government sites or politicized companies,” said security expert Bruce Schneier, speaking at Infosecurity.
While Preatoni agrees that “a lot of 15- and 16-year-old guys are smart enough and have strong political opinions,” he dismissed Schneier’s assessment as being ridiculous.
“He doesn’t know what he’s talking about,” Preatoni said, citing the case of iSKORPiTX, a hacker responsible for taking control of an Alaska airport website and replacing arrival and departure times with a picture of the Turkish flag. He was who is believed to be 45 years old.