IBM Observed Increased Phishing and SQL Injection Attacks in 2009

In the final week of February 2010, IBM released the results of its annual report titled IBM X-Force(R) 2009 Trend and Risk Report.

In the beginning of 2009, a dramatic decline was observed in phishing attacks, but the phishers returned with retaliation in Q3 2009. The amount of these attacks in September exceeded the volume witnessed in any month of 2008.

Also, in 2009, vulnerabilities in Web applications accounted for 49% share, or the major group, of security breaches, identified IBM. Vendors of Web applications have performed well in fixing up the flaws in their base platforms. However, plug-ins developed to add functionalities to the application, contain the majority of vulnerabilities impacting these platforms. The report said that flaws in Web application plug-ins are generally not patched.

SQL injection and cross-site scripting (XSS) were the major types of vulnerabilities that affected Web applications in 2009, revealed the report. According to Tom Cross, Manager of IBM X-Force Research, attackers employed automated tools to locate vulnerable websites last year, and hence SQL injection attacks surged significantly, as per the statement published by SCMAGAZINEUS on February 25, 2010.

Moreover, a significant increase was also witnessed in Web attacks made through obfuscation. A number of assaults made using automated exploit toolkits, use obfuscation - an effort to conceal these exploits in Web pages and documents. This way attacks evade detection by security software. The report stated that compared to the attacks made in 2008, obfuscated attacks in surged 3 to 4 times in 2009, as observed by IBM Managed Security Services.

The countries where most malicious attacks originated in 2009 were Brazil, USA and Russia. According to the report, 61% of phishing e-mails detected in 2009 purported to be coming from financial institutions. Another 20% e-mails claimed to be coming from false government firms, like the Internal Revenue Service (IRS).

Cross stated that in spite of the ever-changing threat landscape, the report shows that on the whole, purveyors are performing quite well by responding to security flaws, reported prnewswire.com on February 25, 2010. However, as the use of malicious exploit code in websites is increasing at a stunning rate, attackers have clearly not been thwarted.

Related article: IBM Mainframes’ Vulnerability to Attacks

» SPAMfighter News - 3/8/2010