IBM X-Force Says For-Profit Cyber Attacks to Increase in 2007

Published: February 8, 2007

by Alex Woodie

2006 was a record year for security vulnerabilities, with an average of 20 new flaws discovered every day. But brace yourself for 2007, as cyber criminals grow more sophisticated, requiring more vigilance by companies, according to a recent report issued by IBM's Internet Security Systems (ISS) X-Force research and development team.

There is a caveat to the vulnerability figures listed in the paragraph above. While the number of newly discovered vulnerabilities jumped 40 percent in 2006 compared to 2005-that's 7,247 vulnerabilities compared to 5,176--the rate of "high impact" vulnerabilities decreased somewhat, from accounting for 28 percent of all vulnerabilities in 2005 to 18 percent in 2006. Numerically, the decrease in the most severe vulnerabilities drops from about 1,450 in 2005 to about 1,300 in 2006.

That's where the good news ends. Gunter Ollmann, director of security strategy for IIS, says companies need to stay on high alert. "The security industry has made great progress over the last year, but despite promising statistics [such as the decrease in high-impact vulnerabilities], we predict that 2007 will require even higher levels of vigilance and innovation to deal with emerging threats and new vectors of attack."

Of particular note are the camouflaging techniques cyber criminals are using to hide what they're doing. X-Force reports that about half of the Web sites set up to infect visitors or steal personal information are attempting to obfuscate or camouflage their attack, and about 30 percent are encrypting their payload.

And while the IT industry scrambled to meet the burgeoning demand for "software as a service," the cyber criminal underground has been doing the same, with the rise of the "exploits as a service" industry. According to X-Force, the malware industry is ripe for an explosion of "managed exploit providers" who sell exploit code that's encrypted so it can't be picked up by the authorities and white hats. The growing sophistication of a sales channel trafficking in exploits will help to render traditional signature-based protection even less effective in the future, X-Force predicts.

It was another banner year for spammers, too. While it seemed like spam levels couldn't go much higher, the amount of spam trafficking the Internet managed to increase by a whopping 100 percent last year, according to X-Force. (Although, it must be said, that due to the fact that the vast majority of e-mail already was spam in 2005, the doubling didn't do much to increase the rate of spam, so maybe you didn't notice your spam repository--err, your inbox--overflowing just a little more.) Image-based spam, which is tough to detect using traditional methods, is largely to blame for this bump up.

The X-Force team, picked up by IBM last year in its ISS acquisition, had some other interesting tidbits to share in its report on 2006.

Among the factoids:

• The biggest sources of spam are the U.S., Spain, and France.
• The biggest source of phishing e-mails is South Korea.
• After English, German is the most popular language in which spam messages are written.
• The most commonly used exploit to infect Web browsers with malware was the MS-ITS vulnerability, which Microsoft fixed in 2004.

The 34-page X-Force report can be downloaded in PDF format here.

                     Post this story to del.icio.us
               Post this story to Digg
    Post this story to Slashdot