IBM – Malicious Links Soared 508% in H1 2009

According to a recently released report by IBM, there was a staggering increase of 508% in malicious web links in the first half of 2009 as hackers intensified their efforts of targeting unsuspecting users.

IBM's report X-Force 2009 Mid-Year Trend and Risk Report discovered that malware authors were searching for more sophisticated and advanced methods to compromise users' computers, such as embedding malicious links in social networking web pages and blogs and compromising legitimate website.

Furthermore, IBM's security experts revealed that hackers had been increasingly relied upon cross site scripting and SQL injection attacks. They primarily targeted visitors to authentic websites that had already been infected with data pilfering Trojans.

SQL injection attacks surged 50% between the first quarter of 2008 and the same period this year (2009). In fact, they got double from the first quarter to the end of second quarter of 2009.

Kris Lamb, IBM X-Force Director, said that server, web clients and content threats combined to form an insurmountable landscape, as reported by To Daily on August 26, 2009.

Lamb said that the technological advancement had reached a point where it could be converged to gain better control of the web along with threats and threat scenarios. Although the report gives a grim picture of the cyber world, it also points to a more positive picture in few areas. For instance, computer users are increasingly aware of phishing threats emanating everyday in new form to deceive them into giving away their details.

With rising activities of cyber criminals, computer users who are indifferent to sophisticated technology integration on the web for better protection have shown cognizance to the techniques employed by criminals for extracting critical and financial details.

Security experts further said that cyber criminal had been embracing the technique of malicious link insertion in trusted websites such as social networking websites because people usually followed links in these sites.

Finally, discovery of new vulnerabilities for inserting malware in systems seems to have slowed. The volume of freshly discovered vulnerabilities slumped 8% over the first of 2008 but around 50% of them are still running without patches, said the firm.

Web application framework vendors characterize among the unpatched vulnerabilities. IBM also reported an increase in the number of obfuscated attacks against web browser flaws in order to bypass detection by conventional tools.

Related article: IBM Mainframes’ Vulnerability to Attacks

» SPAMfighter News - 9/11/2009