Home > Reports, Security > IBM X-force Threat Trends Review 2009

IBM X-force Threat Trends Review 2009

September 10th, 2009 Sumit Leave a comment Go to comments

IBM has been releasing the quarterly reports about current threat trends in information security from some time now.

They have already released their mid-year report which could be found at: http://www-935.ibm.com/services/us/iss/xforce/trendreports/

I have read the 2008 annual reports and this report represents many trend differences as compared to it.

Some of the highlights are: -

  • More use of organized crime for financial gains. Economical gain is still the number 1 cause for all security threats and attackers are keeping ROI in mind while developing attacks.
  • Political/Military gains motivated attacks have also accelerated with time.
  • Design of malware has changed with time and attackers are using newer ways to pentrate into systems.
  • Attacker are selling vulnerable systems to other criminal organizations by displaying the reliability of their deployed mechanisms.
  • Vulnerabilities in terms of CVSS score are high with 30%, medium with 62%, low at 7% and low at 1%
  • Gain access, data manipulation and denial of services are still top 3 vulnerability consequences.
  • Apple reaches number 1 sport and Sun no 2 in terms of disclosed vulnerabilities
  • MS still has no 1 ranking in high vulnerabilities
  • Nearly 49% of all the vulnerabilities disclosed in first half of 2009 had no remedies provided by the vendor.
  • Web application is still the top concern and is a very under-rated problem
  • Of all the vulnerabilities disclosed in 2009 50.4% were related to web based applications
  • Cross-site scripting and sql injections are still no. 1 form of web application attacks
  • 90% of injection attacks are attributed to sql injections. They are being carried out by automated scripts
  • SQL injection attacks have grown by 50% as compared to Q4 2008 and have doubled in Q2 vs Q1 2009
  • Largest number of client-side vulnerabilities exist in browser and their plugins.
  • .pdf files are becoming popular methods of attack because users trust these more than .exe files. In fact pdf files have surpassed office applications in terms of document related vulnerabilities.
  • There has been increase in number of anonymous proxy websites and obfuscated web pages and files.
  • Phishing is down 80% as compared to 2008 report.
  • Trojans are up 9% and have really grown in sophistication
  • Infostealer and downloader areĀ  the top trojans for 2009 so far
  • Hackers continue to take advantage of scareware and trick end users to install fake security software which are malware in reality.
  • Spam is up 40% than 2008, majority being URL based with a life span of 1 week or less. Top 10 popular subject to 38% of all phishing emails
  • Hackers have increased the use of trusted domains with catchy subject lines to attract users.
  • HTML based spam has dominated where as image based has declined since 2008
  • Majority of spam urls last 7 days or less
  • Spam origins from Brazil and India has increased after Q4 2008
  • Financial institutions remain top target of phishing at 66.3% followed by Online payments at 31.4%

I would recommend to read the full report since it provides much more information and will help security professionals to change their focus towards new trends.

– Sumit

Categories: Reports, Security Tags:
  1. No comments yet.
  1. No trackbacks yet.