There is good news and bad news in this year’s X-Force 2010 Trend and Risk Report from IBM. The good news is that it seems that spam and phishing attacks are leveling off. Also, mobile devices have not been compromised in any big way, yet. The bad news is that IT security threats are getting increasingly sophisticated and targeted.

Based on intelligence gathered through research of public vulnerability disclosures, and the monitoring and analysis of more than 150,000 security events per second during every day of 2010, the observations from the IBM X-Force Research team finds that more than 8,000 new IT security vulnerabilities were documented, a 27 percent rise from 2009.

Heather Clancy, Joe McKendrick
Heather Clancy, Joe McKendrick IBM's Business Brains

Public exploit releases were also up 21 percent from 2009 to 2010. This data points to an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.There seems to be a declining interest in spamming. IBM reports the historically high growth in spam volume leveled off by the end of 2010. This indicates that spammers may be seeing less value from increasing the volume of spam, and instead are focused on making sure it is bypassing filters.

Spam volumes peaked, and then leveled off — In 2010, spam volumes increased dramatically, reaching their highest levels in history. However, the growth in volume leveled off by the end of the year. In fact, by year’s end, spammers seemed to go on vacation, with a 70 percent decline in traffic volumes occurring just before Christmas and returning early in the new year.

There were significantly fewer mass phishing attacks relative to previous years, but there has been a rise in more targeted attack techniques. Although phishing attacks still occurred, the peak volume of phishing emails in 2010 was less than a quarter of the peak volumes in the previous two years. This may indicate a shift toward other, more profitable, attack methodologies such as botnets and ATM skimming.

Despite this decline, “spear phishing,” a more targeted attack technique, grew in importance in 2010, as meticulously crafted emails with malicious attachments or links became one of the hallmarks of sophisticated attacks launched against enterprise networks.

2010 saw some of the most high profile, targeted attacks that the industry has ever witnessed.

For example, the Stuxnet worm demonstrated that the risk of attacks against highly specialized industrial control systems is not just theoretical. These types of attacks are indicative of the high level of organization and funding behind computer espionage and sabotage that continues to threaten a widening variety of public and private networks.

via IBM report: computer hackers getting smarter, unfortunately – SmartPlanet.

About the author

1 comment
  1. Hackers can’t get any smarter. They are already smart. The rise maybe attributed to software companies releasing their apps prematurely because of fear that their competitor will release their product first leading to revenue loss. They let the public test their products when their testing team should do it in the first place.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Sign Up for Our Newsletter

Get notified of our weekly selection of news

You May Also Like

Thailand fails to attract foreign talents

Unlike Singapore (2nd), Thailand (75th) is not an attractive country for skilled professionals who want to move abroad, according to INSEAD’s annual survey, or Global Talent Competitiveness Index (GTCI).

Thailand Aims to Become Hemp Production Hub

According to Industry Minister Suriya Jungrungreangkit, the value of hemp cultivated and harvested in Thailand is projected to grow by at least 20,000 baht per rai, creating more jobs throughout the industry supply chain.

Business Urged to Leverage 5G at Thailand 5G Summit 2022

Digital Economy and Society Minister Chaiwut Thanakamanusorn said driving digital technology and innovations is crucial for promoting the utilization of 5G, while also expanding opportunities for the business and civic sectors.