Survey shows cyberattacks are getting more disruptive

Increasing number of incidents involve invading computer networks and defacing Web sites.

Cyberattacks that seek to penetrate computer networks or disrupt online services are increasing significantly, according to a survey of public and private sector information security and technology professionals released on Tuesday.

Infections from software designed to infiltrate or damage a computer system were "easily the most prevalent" type of cyberattack in 2009, the Computer Security Institute survey found. More than 64 percent of 443 respondents said they were victims of malware attacks, compared to 50 percent in 2008. Often these were multistage attacks, in which the malware downloaded separate tools to enhance the severity of the infection once inside the network, according to the report.

Eight percent of survey participants, or 34 people, worked for the federal government.

The San Francisco-based association noted that reports of malware infection are likely to continue climbing as attackers "spend more energy customizing malware to make it more effective in targeted attacks." Twenty-five percent of survey respondents reported at least some of their security incidents involved targeted attacks, and 4 percent said they experienced more than 10 such infiltrations.

Conversely, 34 percent of respondents were fraudulently represented as senders of phishing messages that tricked recipients into clicking a link or downloading an attachment that installed malicious software.

According to the report, 17 percent of respondents cited incidents of "password sniffing" from computer network traffic, compared to 9 percent in 2008. Fourteen percent said hackers defaced their Web sites, more than double last year. And 29 percent of respondents reported denial-of-service attacks, in which perpetrators bombard Web sites with heavy traffic in an effort to force them to shut down.

The increase in denial-of-service attacks from 21 percent in 2008 "is somewhat surprising, since [these] attacks are presumed to be far less profitable for attackers than data breaches and receive far less press and attention, unless experienced by a high-profile Web service," the survey authors stated. One example of a high-profile denial-of-service attack occurred in July, when perpetrators knocked a number of federal Web sites offline.

The most common response to a security incident was to patch vulnerable software or, to a lesser degree, patch or remediate other vulnerable hardware or applications. Less than half the respondents -- 43 percent and 46 percent respectively -- changed the organization's security policies or provided additional training to end users, the survey found.

"Respondents told us that security awareness training continues to be a weak spot in their organizations' security programs," the report stated.