Instrumented Interconnecteds Intelligent
March, 31st 2011
9:21
 

Posted by
Guest in

Post feed

RSS 2.0

tcrossBy Tom Cross, threat intelligence manager, IBM X-Force

The IBM X-Force Trend & Risk Report, issued today put a big spotlight on the evolving, sophisticated face of cyber crime.

Vulnerability Disclosures Growth by Year Caption: IBM documented more than 8,000 new vulnerabilities, a 27 percent rise from 2009.  Public exploit releases were also up 21 percent from 2009 to 2010. This data points to an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.

IBM documented more than 8,000 new vulnerabilities, a 27 percent rise from 2009. Public exploit releases were also up 21 percent from 2009 to 2010. This data points to an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.

From Stuxnet to Zeus Botnets to mobile exploits, 2010 will go down as a year where we witnessed a widening variety of attack methodologies popping up each day, The numerous, high-profile targeted attacks shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has.

In 2010 the increasing complexity of our computing environment has allowed criminals to expand their ring of targets:

  • Industrial Systems — The Stuxnet worm demonstrated that how computer espionage and sabotage against specialized industrial control systems can threaten a widening variety of public and private networks.
  • Mobile phones — Although attacks against the latest generation of smartphones were not widely prevalent in 2010, our data showed a rise in vulnerability disclosures and exploits that target these devices.
  • Virtual Systems– A new vulnerability class has arisen around the growth of virtual systems.   Attackers have learned that once they control one system, they can expand that control to other virtual systems running on the same physical machine.

Cyber criminals also forged more sophisticated paths to their victims, such as using “spear phishing,” a more targeted attack technique that grew in importance in 2010.

YouTube Preview Image

Overall, the sheer volume of vulnerabilities grew: IBM documented more than 8,000 new vulnerabilities, a 27 percent rise from 2009.  Public exploit releases were also up 21 percent from 2009 to 2010.

Cyber criminals take advantage of a window of opportunity between the time that a patch for a security vulnerability is made available, and the time it is installed on a vulnerable system.  To help prevent attackers from exploiting vulnerabilities, organizations must focus on shortening the window of time between vulnerability disclosure and patch installation.

While threats have expanded rapidly so have the technologies and resources to protect organizations.  IBM serves as the eyes and ears for nearly 4,000 clients, monitoring 13 billion security events around the clock to prevent attacks before they ever even occur.

As end user adoption of smart phones and other mobile devices increases, IT security departments have struggled to determine the right way to bring these devices safely into corporate networks. Although attacks against the latest generation of mobile devices were not yet widely prevalent in 2010, X-Force data shows a rise in vulnerability disclosures and exploits that target these devices.

As end user adoption of smart phones and other mobile devices increases, IT security departments have struggled to determine the right way to bring these devices safely into corporate networks. Although attacks against the latest generation of mobile devices were not yet widely prevalent in 2010, X-Force data shows a rise in vulnerability disclosures and exploits that target these devices.

Our team signs up to receive as much spam as possible.  We monitor 40 million spam signatures and analyze each piece of spam.  Each day there are we add approximately one million new, updated, or deleted signatures for the spam filter database.

Additionally, using analytics, IBM mines through all of the intelligence gathered and converts them into the R&D underpinnings of its security solutions. IBM Network Intrusion Prevention System uses our X-Force intelligence to block any threat that IBM researchers deem a potential risk, even before a vulnerability is publicly disclosed and the software publisher issues its patch.

Our research also helps advise clients. Today IBM is expanding its IBM Institute for Advanced Security to combat growing security threats in Europe. Based in Brussels, the new Institute in Europe will connect government and private sector, academics and business partners with IBM experts. This Institute joins its predecessor in Washington, D.C., focused on US clients.

As cyber criminals get serious, IBM doubles down on applying our resources across the company to protect our clients.  2010 was clearly a pivotal year for security on many counts. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical.

You can read the entire report at http://www-03.ibm.com/security/landscape.html.

Bookmark and Share

Previous post

Next post

4 Comments
 
June 22, 2012
3:08 am

You actually make it appear so easy with your presentation however I in finding this matter to be actually one thing that I believe I would never understand. It seems too complex and very huge for me. I am having a look ahead in your next post, I will attempt to get the hang of it!


Posted by: Irving Hema
 
March 6, 2012
4:34 am

With the everyday changes in technology, cyber crime also changes to keep up. Hopefully, a law can be formulated to effectively protect us from this offense as well as to truly track down and identify the offenders. Until such a time comes, all we can do is protect ourselves and our computer systems the best way we know how.


Posted by: defense attorney Harris County
 
April 15, 2011
1:59 am

pse3v5 ltdogaqqayvx


Posted by: udvutiac
 
April 14, 2011
7:27 am

WOSdxM Very true! Makes a change to see smoonee spell it out like that. :)


Posted by: Vianca
 
Post a Comment