<
 
 
 
 
×
>
hide
You are viewing a Web site, archived on 04:19:17 Oct 15, 2004. It is now a Federal record managed by the National Archives and Records Administration.
External links, forms, and search boxes may not function within this collection.
US-CERT

Statistics on Federal Incident Reports

These incident statistics, available from January 1999 through June 2004, are provided for reference only.

2004 Incident Statistics
Type Jan Feb Mar Apr May Jun
Root Compromise
12
7 45 3
4
2
User Compromise
4
7
18
144
6
4
Denial of Service
2
0
0
2
0
431
Malicious Code
3,645
71,970
666,343
642
1995
880,167
Web Site Defacement
14
0
1
3
4
6
Misuse of Resources
8
3
4
5
9
6
Other
697,934
326,128
1,166,141
378,113
1007
863789
Reconnaissance Activity
153,611
372,968
47,306
2,567
836
54,290,346
Monthly Totals
855,230
771,083
1,879,858
381,479
3861
56,034,751

2003 Incident Statistics
Type Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Yearly Totals
Root Compromise
11
10
25
30 
17 
11 
137 
User Compromise
3
8
3
530 
10 
11 
587 
Denial of Service
2
6
6
25 
Malicious Code
24
161
16
12,006 
206 
24 
14,993 
687 
38,280 
29,170 
95,732 
191,306 
Web Site Defacement
9
12
7
19 
90 
Misuse of Resources
1
0
0
21 
26 
Other
108
284
714
33 
22 
194 
927 
187,273 
345,739 
535,304 
Reconnaissance Activity
2,892
8,638
20,349
10,115 
35,112 
7,742 
24,943 
17,889 
203,853 
91,254 
22,824 
260,830 
706,441 
Monthly Totals
3,050
9,119
21,120
10,169 
47,171 
7,983 
24,986 
33,439
204,756 
130,476 
239,290 
702,357 
1,433,916 

2002 Incident Statistics
Type Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Yearly Totals
Root Compromise
3
1
13
17
6
4
21
15
11
19
3
12
125
User Compromise
6
5
49
3
2
1
0
8
7
15
4
11
111
Denial of Service
0
2
0
4
5
2
2
0
3
10
3
5
36
Malicious Code
7
2
70
8
2
5
40
9
24
19
9
70
265
Web Site Defacement
2
1
1
7
10
1
3
2
12
2
3
2
46
Misuse of Resources
3
6
0
13
1
1
1
6
2
5
0
1
39
Other
7
7
0
0
5
6
3
68
281
335
326
230
1268
Reconnaissance Activity
75
90
42,147
4
12
26
203,064
30,812
68,356
92,121
21,090
30,203
488,000
Monthly Totals
103
114
42,280
56
43
46
203,134
30,920
68,696
92,526
21,438
30,534
489,890

2001 Incident Statistics
Type Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Yearly Totals
Root Compromise
30
8
17
28
1
2
1
7
5
1
1
0
101
User Compromise
21
12
35
42
9
0
0
0
1
0
5
2
127
Denial of Service
3
0
3
2
1
1
0
46
200
164
109
231
760
Malicious Code
0
0
0
0
6
0
13
25
35
7
87
4,591
4,764
Web Site Defacement
0
0
0
0
106
56
11
31
1
11
6
14
236
Misuse of Resources
0
1
1
2
0
0
1
0
2
0
0
0
7
Other
0
0
0
1
12
0
0
34
10
36
10
5
108
Reconnaissance Activity
7
5
3
4
160
114
26
13
10
20
32
58
452
Monthly Totals
61
26
59
79
295
173
52
156
264
239
250
4,901
6,555

2000 Incident Statistics
Type Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Yearly Totals
Root Compromise
10
8
15
11
14
9
16
7
17
25
16
9
157
User Compromise
1
0
2
4
10
11
17
10
10
20
10
20
115
Denial of Service
4
1
7
1
5
2
1
1
7
3
2
2
36
Malicious Code
0
0
0
0
0
0
0
0
0
0
0
0
0
Web Site Defacement
0
0
0
0
0
0
0
0
0
0
0
0
0
Misuse of Resources
1
1
3
2
4
2
1
0
2
1
1
6
24
Other
0
1
4
2
0
0
1
0
0
1
0
0
9
Reconnaissance Activity
6
3
8
2
3
8
9
16
7
5
3
1
71
Monthly Totals
22
14
39
22
36
32
45
34
43
55
32
38
412

1999 Incident Statistics
Type Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Yearly Totals
Root Compromise
7
3
8
7
15
14
6
6
15
4
11
17
113
User Compromise
0
4
3
3
3
4
0
2
1
1
0
0
21
Denial of Service
3
4
2
3
6
5
1
4
1
0
0
5
34
Malicious Code
0
0
0
0
0
0
0
0
0
0
0
0
0
Web Site Defacement
0
0
0
0
0
0
0
0
0
0
0
0
0
Misuse of Resources
0
1
2
0
2
1
1
1
1
0
2
1
12
Other
7
2
6
4
3
4
6
10
4
1
3
2
52
Reconnaissance Activity
0
7
44
30
33
31
13
23
12
12
10
7
222
Monthly Totals
17
21
65
47
62
59
27
46
34
18
26
32
454


This information has been provided to convey a general impression of the variety of intruder activity reported to us. Incident statistics are presented only after we have analyzed and categorized them. They should not be interpreted as a chronological record of intruder activities. More than one activity type can be assigned to an incident. Complex incidents may involve more intruder activities than are explicitly identified. Incident details may not be 100% complete or contain the same level of detail for every incident. Host and site counts are approximate, and may not reflect the exact number of hosts involved in the incident.

Last updated October 08, 2004