By Tom Cross, threat intelligence manager, IBM X-Force
The IBM X-Force Trend & Risk Report, issued today put a big spotlight on the evolving, sophisticated face of cyber crime.
From Stuxnet to Zeus Botnets to mobile exploits, 2010 will go down as a year where we witnessed a widening variety of attack methodologies popping up each day, The numerous, high-profile targeted attacks shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has.
In 2010 the increasing complexity of our computing environment has allowed criminals to expand their ring of targets:
- Industrial Systems — The Stuxnet worm demonstrated that how computer espionage and sabotage against specialized industrial control systems can threaten a widening variety of public and private networks.
- Mobile phones — Although attacks against the latest generation of smartphones were not widely prevalent in 2010, our data showed a rise in vulnerability disclosures and exploits that target these devices.
- Virtual Systems– A new vulnerability class has arisen around the growth of virtual systems. Attackers have learned that once they control one system, they can expand that control to other virtual systems running on the same physical machine.
Cyber criminals also forged more sophisticated paths to their victims, such as using “spear phishing,” a more targeted attack technique that grew in importance in 2010.
Overall, the sheer volume of vulnerabilities grew: IBM documented more than 8,000 new vulnerabilities, a 27 percent rise from 2009. Public exploit releases were also up 21 percent from 2009 to 2010.
Cyber criminals take advantage of a window of opportunity between the time that a patch for a security vulnerability is made available, and the time it is installed on a vulnerable system. To help prevent attackers from exploiting vulnerabilities, organizations must focus on shortening the window of time between vulnerability disclosure and patch installation.
While threats have expanded rapidly so have the technologies and resources to protect organizations. IBM serves as the eyes and ears for nearly 4,000 clients, monitoring 13 billion security events around the clock to prevent attacks before they ever even occur.
Our team signs up to receive as much spam as possible. We monitor 40 million spam signatures and analyze each piece of spam. Each day there are we add approximately one million new, updated, or deleted signatures for the spam filter database.
Additionally, using analytics, IBM mines through all of the intelligence gathered and converts them into the R&D underpinnings of its security solutions. IBM Network Intrusion Prevention System uses our X-Force intelligence to block any threat that IBM researchers deem a potential risk, even before a vulnerability is publicly disclosed and the software publisher issues its patch.
Our research also helps advise clients. Today IBM is expanding its IBM Institute for Advanced Security to combat growing security threats in Europe. Based in Brussels, the new Institute in Europe will connect government and private sector, academics and business partners with IBM experts. This Institute joins its predecessor in Washington, D.C., focused on US clients.
As cyber criminals get serious, IBM doubles down on applying our resources across the company to protect our clients. 2010 was clearly a pivotal year for security on many counts. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical.
You can read the entire report at http://www-03.ibm.com/security/landscape.html.