IBM recorded more than 1 billion suspicious computer security events last year, despite a leveling off in the amount of spam e-mail and a decrease in major Internet worm and virus outbreaks.
Enterprises should expect to see the same level of malicious traffic this year, even as online criminal groups shift to stealth attacks and cyber-extortion instead of massive, global malicious code attacks, said David Mackey, director of security intelligence at IBM, in Armonk, N.Y.
“We continue to see significant reconnaissance activity, whether its network mapping of organizations or malware or botnets. Its not a global outbreak—theres nothing that will shut down networks across the globe. Its stealthier. Its about compromising the greatest number of systems,” said Mackey.
The company has released its IBM Security Threats and Attack Trends report for 2005. The report details the top threats of last year and makes predictions about prevalent security trends for this year.
The predictions are based on threat and attack data from IBMs Security Operation Center, which manages intrusion detection, wireless security and firewall technology for IBM customer networks, Mackey said.
Windows holes will continue to be a top security concern this year, even though Windows XP Service Pack 2 has made it more difficult to launch massive, automated attacks on that system, IBM officials said.
Cyber-extortion using threats of DoS (denial of service) attacks or the disclosure of sensitive data will increasingly be used this year, IBM officials predicted.