Global Security Threats at Record Levels: Report

According to a research report, Web application vulnerabilities continued to be the leading threat, accounting for more than half of all public disclosures. 

In addition, covert attacks increased in complexity hidden within JavaScript and Portable Document Formats (PDFs), while cloud computing and virtualization were noted as key future security topics for enterprise organizations.

Technology leader IBM has released the results of its X-Force 2010 Mid-Year Trend and Risk Report, which showed that vulnerability disclosures are increasing dramatically, having reached record levels for the first half of 2010.

Also Read:
Why Russian Rive Gauche wants IBM Security
IBM Eyes Marketing Business with Unica Buyout
Research to Help Uneducated Use Mobile Web
How Smart Buildings can Earn You Profits
IBM Fuels Robot Car Journey Italy to China
IBM, University of Missouri for Genomics Research

Overall, 4,396 new vulnerabilities were documented by the X-Force Research and Development team in the first half of 2010, a 36 percent increase over the same time period last year.

Over half, 55 percent, of all these disclosed vulnerabilities had no vendor-supplied patch at the end of the period.

In the first-half of 2010, organizations were doing more to identify and disclose security vulnerabilities than ever before, says IBM. This in turn is having positive effects on the industry by driving more open collaboration to identify and eliminate vulnerabilities before cyber criminals can exploit them.

Here’s an overview of the trends:

Web applications — Web application vulnerabilities, according to the IBM report, have surpassed all other threats to account for 55 percent of all disclosures. While Web application vulnerabilities continue to climb at a steady rate, these figures may only represent the tip of the iceberg of total Web application vulnerabilities that exist, as they do not include custom-developed Web applications which can also introduce vulnerabilities. 

Covert, hidden attack methods — Enterprises are fighting increasingly sophisticated attacks on their computer networks, including Advanced Persistent Threats. These sophisticated attackers are employing covert means to break into networks without being detected by traditional security tools. JavaScript obfuscation is a particularly popular technique used by all classes of computer criminals to hide their exploits within document files and Web pages. IBM detected a 52 percent increase in obfuscated attacks during the first half of 2010 versus the same period in 2009. 

PDF exploits — X-Force started observing widespread use of PDF-based exploits during the first half of 2009. Since then, it has captured three of the top five slots for browser exploits used in the wild. The most significant jump associated with PDF attacks in 2010 occurred in April, when IBM Managed Security Services detected almost 37 percent more attack activity than the average for the first half of 2010. This spike coincided with a widespread spam campaign in which malicious PDF attachments were used to spread the Zeus and Pushdo botnets, some of the most insidious threats on the Internet today.

Phishing — Phishing volume has fluctuated wildly over the past few years. The first half of 2010 has only seen a fraction of the phishing attacks that were seen at the peak in 2009, a decline of almost 82 percent. Despite this drastic decline, financial institutions are still the number one phishing target, representing about 49 percent of all phishing emails, while credit cards, governmental organizations, online payment institutions and auctions represent the majority of other targets.

“Threat dynamics continue to multiply and evolve at a furious pace, making it more crucial than ever to look at unfolding trends so we can better prepare our clients for the future,” said Steve Robinson, general manager, IBM Security Solutions.

Looking ahead, the X-Force Research and Development team has identified some key trends to watch for in the future, including:

Cloud Computing — As an emerging technology, security concerns remain a hurdle for organizations looking to adopt cloud computing. As organizations transition to the cloud, IBM recommends that they start by examining the security requirements of the workloads they intend to host in the cloud, rather than starting with an examination of different potential service providers. Gaining a good understanding of the needs and requirements first will help organizations take a more strategic approach to adopting cloud services.

Virtualization — As organizations push workloads into virtual server infrastructures to take advantage of ever increasing CPU performance, questions have been raised about the wisdom of sharing workloads with different security requirements on the same physical hardware. X-Force’s vulnerability data shows that 35 percent of vulnerabilities impacting server class virtualization systems affect the hypervisor, which means that an attacker with control of one virtual system may be able to manipulate other systems on the same machine. This is a significant data point when architecting virtualization projects.

This report comes from IBM’s X-Force team, a security research organization within IBM that has catalogued, analyzed and researched more than 50,000 vulnerability disclosures since 1997. 

The IBM X-Force Trend and Risk Report gathers facts from numerous intelligence sources, including its database of over 50,000 computer security vulnerabilities, millions of intrusion events monitored on tens of thousands of managed network sensors deployed on customer networks throughout the world, its global Web crawler and its international spam collectors.

IBM released the report results Wednesday, August 25.

RMN News

Rakesh Raman