Davey Winder's Blog

The browser mafia

By Davey Winder in Editorial

Posted in Blog, Security, IBM on February 16, 2008 at 11:18 pm

According to IBM, or rather the straight-out-of-a-gangster-movie-sounding IBM X-Force to be precise, your web browser is under siege from organised crime gangs. The 2007 X-Force Security report details something of an expected rise in the sophistication of attacks, and an increase in the rate at which victims' computers are being compromised. There is, X-Force says, a ‘complex and sophisticated criminal economy’ which has developed to capitalise on known web vulnerabilities, and underground brokers are now delivering the necessary tools to enable those who would screw you over to do just that and avoid detection by way of obfuscation or camouflage.

The report says that in 2006 only a small percentage of attackers employed camouflaging techniques. Compare and contrast with the first half of 2007, when some 80 percent of attacks did just that, and the 100% that were doing it by the end of the year. Using such by-now-commonplace techniques, the criminal element can all too easily infiltrate a system and compromise the data upon it. Don’t laugh this off as being just a problem for the home user either: X-Force quite rightly reminds us that when attackers invade an enterprise machine they can steal sensitive company information or use that compromised machine to gain access to other corporate assets behind the firewall.

“Never before have such aggressive measures been sustained by Internet attackers towards infection, propagation and security evasion. While computer security professionals can claim some victories, attackers are adapting their approaches and continuing to have an impact on users’ experiences,” said Kris Lamb, operations manager, X-Force Research and Development for IBM Internet Security Systems. “The Storm Worm provides a microcosm of the kinds of threats users faced in 2007. All in all, the exploits used to spread Storm Worm are a blend of the various threats tracked by X-Force, including spam, phishing and drive-by-downloads by way of Web browser exploitation.”

The X-Force report also reveals that:

  • The number of critical computer security vulnerabilities disclosed increased by 28 percent, a substantial upswing from years past.
  • The overall number of vulnerabilities reported for the year went down for the first time in 10 years.
  • Out of all the vulnerabilities disclosed last year, only 50 percent can be corrected through vendor patches.
  • Nearly 90 percent of 2007 disclosed vulnerabilities are remotely exploitable.
 
Comments

Comment by traffictrial - February 18, 2008 on 10:11 am

good article. ….
nice info ..
thanks
