Armonk, NY–(BUSINESS WIRE)–June 30, 2005–Today IBM reported that phishing attacks
increased 226 percent, while viruses and worms, such as Sober and Mytob, also
continued to spread rapidly through email and web applications, according to its
May Global Business Security Index.
IBM security experts attribute the increase in phishing attacks to the rise of
zombie botnets being used to pump out massive volumes of the scam emails used
in phishing attacks, as cyber-criminals look to increase their profits.
IBM’s report also indicates that in May more than 30 percent of emails contained
some form of virus — a 33 percent increase from the previous month. In many
instances, the virus traveling via email infiltrated a computer’s hard drive
and then forwarded itself to the user’s entire address book.
In addition, IBM reports that application hacking is how 90 percent of target
systems are exploited. Two critical points in web application security are the
creation and management of sessions and filtering all data input. These types
of compromises from a web application can lead to exposure of banking information,
private sensitive data like credit card information, and competitive intelligence
Key findings from IBM’s May Global Business Security Index include:
— Phishing explodes: Phishing incidents reached a peak point in January 2005
and then dropped again. In May, phishing attacks exceeded anything previously
recorded, increasing by 226 percent.
— Viruses grew: In May 1 in 32.2 (3.12 percent of all email) emails contained
some form of virus or trojan attack, a significant increase over the past month
of 33 percent. To combat malwares such as Sober and Mytob, and other variants
of these viruses, IBM advises organizations to keep antivirus signatures up-to-date,
and to keep current with Windows patches.
— Spam levels off: In May, 68.7 percent of inbound email traffic contained
some form of spam. This figure has remained relatively unchanged over the past
three months; During the same period, the proportion of unwanted email originating
from known botnets and open proxy sources has dropped by a further 1.7 percent
for the second month running.
— Application hacking exploits: Ninety percent of target systems are exploited
because of Web application hacking. Financial applications and online shopping
accounts are popular targets. Top Web application vulnerabilities include: invalidated
input; cross-site scripting flaws; injection flaws; broken authentication and
session management; and improper error handling.
— Malware scam: a malware hijacking threat was discovered operating from the
host name iframeDOLLARS.biz. This website attempted to recruit partner websites
to host a variety of malicious code to exploit Internet Explorer browsers. A
successful exploit would result in numerous trojans, backdoors and spyware installed
on the client. IBM has been identifying the hosting ISPs, strongly recommending
the malicious Web sites be removed.
— Educational institutions systems pharmed: In late May, after a long period
of calm, IBM security analysts observed active exploitation of a Microsoft Library
ASN.1 vulnerability. Correlating the signatures with other security events,
IBM was able to determine that several attacking sources belonged to educational
institutions, revealing that the attacking sources were compromised hosts, belonging
to an Rbot network. IBM quickly notified customers and possibly infected institutions
to address any outstanding issues.
”IT systems have become so crucial to today’s business operations, work productivity,
and customer service, that even a small disruption can have serious impact on
business operations, and loss of data integrity or confidentiality can lose
a customer base that took years to build,” said Cal Slemp, vice president,
security and privacy services, IBM Global Services. ”Security is now something
that companies can no longer afford to be without. IBM’s approach offers companies
a way to reduce overall business risk while helping them comply with legislations,
regulations and build better business intelligence.”
The IBM Global Business Security Index Report is a monthly report that assesses,
measures and analyzes potential network security threats based on the data and
information collected by IBM’s 2,700 worldwide information security professionals
and half a million monitored devices. For more information, please visit www.ibm.com/security.
About IBM Global Services
With 80 years of leadership in helping businesses innovate, IBM is the world’s
largest information technology company. IBM is a leading provider of e-business
solutions and is dedicated to helping companies, Business Partners and developers
leverage the potential of e-business on demand across a wide range of businesses
and industries. The company offers a host of cross-industry and industry-specific
solutions designed to meet the needs of companies of all sizes. For more information
on IBM, please visit: http://www.ibm.com/businesscenter.