There has been a 508% increase in the number of new malicious Web links discovered in the first half of 2009. IBM has released results from its X-Force 2009 Mid-Year Trend and Risk Report.
The X-Force report reveals that the level of veiled Web exploits, especially PDF files, are at an all time high, pointing to increased sophistication of attackers. PDF vulnerabilities disclosed in the first half of 2009 surpassed disclosures from all of 2008, it says.
From Q1 to Q2 alone, the amount of suspicious, obfuscated or concealed content monitored by the IBM ISS Managed Security Services team nearly doubled.
“The threat convergence of the Web ecosystem is creating a perfect storm of criminal activity,” believes X-Force director Kris Lamb.
The report further says that Web security is no longer just a browser or client-side issue; criminals are leveraging insecure Web applications to target the users of legitimate Web sites.
The X-Force report found a significant rise in Web application attacks with the intent to steal and manipulate data and take command and control of infected computers.
For example, SQL injection attacks – attacks where criminals inject malicious code into legitimate Web sites, usually for the purpose of infecting visitors – rose 50% from Q4 2008 to Q1 2009 and then nearly doubled from Q1 to Q2.
The 2009 Midyear X-Force report also finds that:
- Vulnerabilities have reached a plateau. There were 3,240 new vulnerabilities discovered in the first half of 2009, an 8% decrease over the first half of 2008.
- PDF vulnerabilities have increased. Portable Document Format (PDF) vulnerabilities disclosed in the first half of 2009 already surpassed disclosures from all of 2008.
- Trojans account for more than half of all new malware. Continuing the recent trend, in the first half of 2009, Trojans comprised 55% of all new malware, a 9% increase over the first half of 2008. Information-stealing Trojans are the most prevalent malware category.
- Phishing has decreased dramatically. Analysts believe that banking Trojans are taking the place of phishing attacks geared toward financial targets. In the first half of 2009, 66% of phishing was targeted at the financial industry, down from 90% in 2008. Online payment targets make up 31% of the share.
- URL spam is still number one, but image-based spam is making a comeback. After nearing extinction in 2008, image-based spam made a comeback in the first half of 2009, yet it still makes up less than 10% of all spam.
- Nearly half of all vulnerabilities remain unpatched. Similar to the end of 2008, nearly half (49%) of all vulnerabilities disclosed in the first half of 2009 had no vendor-supplied patch at the end of the period.
According to IBM, the X-Force research team has been cataloguing, analyzing and researching vulnerability disclosures since 1997. With more than 43,000 security vulnerabilities catalogued, it has the largest vulnerability database in the world, claims the company.