Year 2007 To See Further Rise In Security Vulnerabilities

The increasing production of malware both in volume and sophistication will make it harder for IT security departments of enterprises to counter cyber crime. 2007 will see more of spam, phishing, malware and other kinds of online attacks as more cyber criminals join into sophisticated manufacturing and form distribution gangs that would operate parallel with computer industry's legitimate output channels, according to a report released on January 29, 2007.

The report, a work of the IBM Internet Security Systems (ISS) X-Force research and development team, says that researchers recorded and assessed 7,247 new vulnerabilities in 2006. That is equivalent to 20 new vulnerabilities every day. Moreover, ISS reported a 40% growth in security flaws over 2005. Of the total vulnerabilities in 2006, attackers could exploit 88% remotely and more than 50% allowed exploitation to gain illegal access to computers.

The report further says that after the top ten vendors publicly declared vulnerabilities in 2006, 86% obtained a security patch. Other vendors took care of the remaining vulnerabilities of which patches were developed for 65% of the flaws.

However, according to Gunter Ollmann, director of security strategy for IBM Internet Security Systems, in a company press release, while the above statistics show a grim picture, the research indicates favorably, a decline in the number of highly effective vulnerabilities since 2006.

In 2005, the high-impact vulnerabilities comprised 28% of the total vulnerabilities against which 2006 had only 18%. Although the security industry has progressed significantly over the past year, and statistics show promising results, but 2007 will necessitate greater vigilance and innovation to combat new threats and attacks with new magnitude and direction, said Ollmann.

With regard to other online threats the study found spam rising by 39.5% in 2006 from the previous year. Image-based spam accounted for 40% of all spam mails in 2006.

A spam mail with subject line: 'Re: Hi' is likely to fill inboxes. The study said spammers distributed this mail most frequently in 2006. The next to follow were 'Canadian Online Drugstore' and a blank subject head. With regard to such spam mails Ollmann says not everyone has become wiser.

Related article: Year 2008 to See More of Malware Spam

» SPAMfighter News - 2/3/2007