RNP - Rede Nacional de Ensino e Pesquisa

português | español


RNP News 

Security incidents at the academic network drop by half

RNP starts to disclose statistics on the area at each quarter

The Security Incident Response Team (CAIS) of the National Education and Research Network(RNP) recorded a drop in 50% of the safety incidents that involve the computer networks of the Brazilian academic and scientific communities, if one compares the first quarter of 2006 with the same period of 2007. This is one of the data that mare part of the statistics that the RNP starts to disclose every three months.

The 19,706 incidents observed by CAIS in that period of 2006 were reduced to 9,565 in the first quarter of 2007. In the initial months of 2006, CAIS did a pro-active identification and eradication job of infected machines – those with participation in botnets (infected and controlled computers at a distance by attackers) -, with the use of SNORT rules (system for the detection of intruders) developed by the staff itself. The institutions were informed by CAIS on the impaired machines and received guidance on how to proceed to solve the problem.

Among the main achievements of the attackers are the creation of botnets – that can control as many as 100,000 machines – and the activity of port scanning for the identification of vulnerable systems. Also detected in the first quarter of 2007 were over 200 switches of pages by others with non-authorized contents.

CAIS deals with safety incidents that took place only in the Ipê network, national academic and scientific infrastructure that connects around 350 teaching and research institutions.

[RNP, 04.19.2007]

News search