Organisations across the world faced increasingly sophisticated customised IT security threats in 2010, according to a report by IBM.
The annual X-Force 2010 Trend and Risk Report by IBM revealed that more than 8,000 new vulnerabilities were documented in 2010, a 27% rise from 2009.
Public exploit releases were also up 21% from 2009 to 2010, shows that an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.
However, overall there were significantly fewer phishing attacks relative to previous years, but "spear phishing," a more targeted attack technique, grew in importance in 2010, indicating that cyber criminals have become more focused on quality of attacks, rather than quantity.
The report revealed that as end-user adoption of smartphones and other mobile devices increased, IT security departments have struggled to determine the right way to bring these devices safely into corporate networks.
Although attacks against the latest generation of mobile devices were not yet widely prevalent in 2010, IBM X-Force data showed a rise in vulnerability disclosures and exploits that target these devices.
The report highlighted a shift in perception about cloud security as adoption continued to evolve and knowledge around this emerging technology increased.
Since security is still considered an inhibitor to cloud adoption, cloud providers must earn their customers’ trust, which is achieved by providing an infrastructure that is secure by design with purpose-built security capabilities that meet the needs of the specific applications moving into the cloud, said the report.
The report also highlighted that organisations are increasingly concerned about the security implications of personal mobile devices used by employees.
However, from a security standpoint, 2010 is remembered as a year marked by some of the most high profile, targeted attacks that the industry has ever witnessed, said the report.
The Stuxnet worm demonstrated that the risk of attacks against highly specialised industrial control systems is not just theoretical.
The report also showed that in 2010, spam volumes increased dramatically, reaching their highest levels in history. However, the growth in volume leveled off by the end of the year, with a 70% decline in traffic volumes occurring just before Christmas and returning early in the new-year.
Web applications also accounted for nearly half of vulnerabilities disclosed in 2010, with Web applications continuing to be the category of software affected by the largest number of vulnerability disclosures, representing 49% in 2010.
The report also revealed that nearly half of vulnerabilities remain unpatched and to help prevent attackers from exploiting vulnerabilities organisations must focus on shortening the window of time between vulnerability disclosure and patch installation.
The report said that 44% of all security vulnerabilities had no vendor-supplied patch at the end of 2010. Even in cases where patches are made available on the same day that a vulnerability is publicly disclosed, there may be a significant gap in time before those patches are installed on vulnerable systems.
The report saw an upward trend in Trojan botnet activity during 2010. This growth is significant because despite increasing coordinated efforts to shut down botnet activity, this threat appeared to be gaining momentum. However, the data did illustrate the dramatic impact of a successful effort in early 2010 to shutdown the Waledac botnet, which resulted in an instantaneous drop off in observed command and control traffic.
The Zeus botnet continued to evolve and constituted a significant portion of the botnet activity detected by the report in 2010. Due to its extreme popularity with attackers, there are hundreds, or even thousands, of separate Zeus botnets active at any given time. The report said that the Zeus botnet malware is commonly used by attackers to steal banking information from infected computers.
