1The Good: Less Spam
2The Good: Decline in Exploit Code
When security vulnerabilities are disclosed, exploit code can be released for attackers to download. This allows them to take advantage of the problem and access computers. IBM saw about 30 percent fewer exploits in 2011 than 2010, and gave credit to software developers instituting architectural and procedural changes that made it more difficult for cyber-criminals to exploit vulnerabilities.
3The Good: Fewer Unpatched Vulnerabilities
4The Good: Fewer XSS Vulnerabilities
The quality of software is improving, thanks in part to developers using tools and services to analyze, find and fix vulnerabilities. IBM found that cross-site scripting (XSS) vulnerabilities are 50 percent less likely than four years ago to exist in customers’ software. However, these vulnerabilities still appear in 40 percent of the applications IBM scans with its AppScan OnDemand service. That’s too much.
5The Bad: Rise in Mobile Exploits
Attackers are adjusting what they do, and the ripe field of mobile computing is one place they’re focusing on. IBM found a 19 percent jump from 2010 to 2011 in the number of publically released exploits that target mobile devices. That is dicey for IT departments as they deal with the growing bring-your-own-device (BYOD) trend in the enterprise.
6The Bad: Targeting Social Media
As social media adoption grows, so has cyber-criminal activity in the space, including a surge of phishing emails posing as social media sites. The issue is made even more dire by the amount of personal and professional information that people are willing to put on these social media sites, according to IBM.
7The Bad: Targeting Social Media
As social media adoption grows, so has cyber-criminal activity in the space, including a surge of phishing emails posing as social media sites. The issue is made even more dire by the amount of personal and professional information that people are willing to put on these social media sites, according to IBM.
8The Bad: Shell Command Injection
Progress has been made in closing SQL injection vulnerabilities: The number in publically maintained Web applications dropped 46 percent in 2011. Now, some attackers are targeting shell command injection vulnerabilities, which allow them to execute commands directly on a Web server. Shell command injection attacks rose almost three times over the course of 2011, IBM found.
9The Bad: More Automated Password Guessing
Poor passwords and password policies continue to play a role in security breaches. Cyber-criminals are continuing to eye this area with automated attacks that scan the Internet for systems with weak log-in passwords. There was a big jump in the second half of 2011 in password-guessing activity aimed at secure shell servers.
10The Bad: More Phishing
The volume of email attributed to phishing was relatively low in 2010 and the first half of 2011. That changed in the second half of last year, when researchers saw a surge in activity that reached volumes not seen since 2008. Many of the phishing emails impersonate social media sites or mail parcel services. They try to entice users to click on links to Web pages that could infect their PCs with malware. There also is the problem of click fraud, where misleading emails are used to drive traffic to retail Websites, according to IBM.