Windows systems have long been the most common target for online attacks, but many hackers are now turning their attention to open-source systems as well, according to the results of a new report issued by security solutions provider MI2G.

MI2G says that the number of attacks on Linux-based open-source Web applications is increasing. The firm's monitoring unit reported 5,736 attacks in the whole of 2001, but this figure rose to 7,630 in just the first half of 2002. According to MI2G, attacks on Windows systems running Microsoft's IIS Web server fell by 20 percent, from 11,828 during the first six months of 2001 to 9,404 over the same period this year. These figures do not include viruses and worms.

Linux has enjoyed a reputation as a more secure alternative to Windows operating systems, but security experts warned that firms with Linux systems should not be complacent. Ian Tickle, UK manager at data integrity company Tripwire, said, "Although Linux is classed as a secure solution, users still need protection." He added that as the number of Linux users has grown, particularly within corporates, Linux systems have become a much more attractive target for attackers.

Mark Lillycrop, chief executive of research firm Arcati, argued that conversely, recent Microsoft products such as Windows XP have become more difficult to hack. This may account for the decreasing number of attacks on these systems but it is not a sign that Microsoft has solved all its security problems. "When these more secure products are networked with older Windows systems, the security of the whole network suffers. So we're not going to see vastly better security until Windows 95 and 98 boxes start to disappear," warned Lillycrop. He cautioned that Microsoft must also address the weak points in its dot-Net platform.

Although the number of attacks on Windows appears to have fallen, the total number of attacks - including viruses and worms - is still rising, according to security advisory organisation the Computer Emergency Response Team (Cert). During the first half of this year, over 43,000 incidents were reported to Cert, up from just over 52,000 during the whole of 2001. This indicates that the total number of security incidents reported to Cert during 2002 might be double the total for 2001.

However, the rise in reported incidents could be due to the use of more effective security tools, which spot attacks that would otherwise be missed, according to Madeleine Allen, director at security consultancy DNS. "There are more and more automated packages that can detect incidents. Because of increased use of these, there are more statistics available," she said.

Lillycrop pointed out that the Cert figures have been climbing steeply for a few years, so this is not a new trend. "But the fact that the figures haven't started to level off is disappointing," he added.

Have your say: contact IT Week