The browser mafia
By Davey Winder in Editorial
Posted in Blog, Security, IBM on
According to IBM, or rather the straight out of a gangster movie sounding IBM X-Force to be precise, your web browser is under siege from organised crime gangs. The 2007 X-Force Security report details something of an expected rise in the sophistication of attacks, and an increase in the rate at which victims computers are being compromised. There is, X-Force says, a ‘complex and sophisticated criminal economy’ which has developed to capitalise on known web vulnerabilities, and underground brokers are now delivering the necessary tools to enable those who would screw you over to do just that and avoid detection by way of obfuscation or camouflage.
The report says that in 2006 only a small percentage of attackers employed camouflaging techniques. Compare and contrast with the first half of 2007 when some 80 percent of attacks did just that, and the 100% that were doing it by the end of the year. Using such by now commonplace techniques, the criminal element can all too easily infiltrate a system and compromise the data upon it. Don’t laugh this off as being just a problem for the home user either, X-Force quite rightly reminds us that when attackers invade an enterprise machine they can steal sensitive company information or use that compromised machine to gain access to other corporate assets behind the firewall.
“Never before have such aggressive measures been sustained by Internet attackers towards infection, propagation and security evasion. While computer security professionals can claim some victories, attackers are adapting their approaches and continuing to have an impact on users’ experiences,” said Kris Lamb, operations manager, X-Force Research and Development for IBM Internet Security Systems. “The Storm Worm provides a microcosm of the kinds of threats users faced in 2007. All in all, the exploits used to spread Storm Worm are a blend of the various threats tracked by X-Force, including spam, phishing and drive-by-downloads by way of Web browser exploitation.”
The X-Force report also reveals that:
- The number of critical computer security vulnerabilities disclosed increased by 28 percent, a substantial upswing from years past.
- The overall number of vulnerabilities reported for the year went down for the first time in 10 years.
- Out of all the vulnerabilities disclosed last year, only 50 percent can be corrected through vendor patches.
- Nearly 90 percent of 2007 disclosed vulnerabilities are remotely exploitable.
Rated: 100% (1 votes)
Loading ...Comment by traffictrial - February 18, 2008 on 10:11 am
good article. ….
nice info ..
thanks
Make a comment
Tag cloud
Archives
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
Most commented posts
- Cuil frozen out: market share drops to next to nothing
20 comments
- Windows XP: the invincible OS
- Gatecrashing the WiFi hotspot party
- The 24 year old software that is still going strong
- Home workers are sick
- Big Brother Apple
- Spear phishing Catch 22 for Salesforce.com
- Dumbest phisher in history revealed
- Is BT misleading consumers with Option 2 broadband?
- Why ecommerce fails
Highest Rated Blog Posts
- Why ecommerce fails (100%)
- Betting on Hubdub technology (100%)
- Chinese whispers as government implicated in UK hack attacks (100%)
- Crimeware toolkit targets 10,000 trusted sites (100%)
- Black Hat risk to migrating VMs (100%)
- Tough on cyber crime, tough on the causes of cyber crime (100%)
- Firefox 3, Beta 4, Enhancements 900, Tested 5 (100%)
- Slowly slowly catchee Government IT monkey (100%)
- Who needs another set of web standards? (100%)
- The 6.5 billion quid hello (100%)