July 4, 2005 - (HOSTSEARCH.COM) - Thursday, IBM reported that phishing attacks increased 226 percent, while viruses and worms, such as Sober and Mytob, also continued to spread rapidly through email and web applications, according to its May Global Business Security Index.
IBM security experts attribute the increase in phishing attacks to the rise of zombie botnets being used to pump out massive volumes of the scam emails used in phishing attacks, as cyber-criminals look to increase their profits.
IBM's report also indicates that in May more than 30 percent of emails contained some form of virus -- a 33 percent increase from the previous month. In many instances, the virus traveling via email infiltrated a computer's hard drive and then forwarded itself to the user's entire address book.
In addition, IBM reports that application hacking is how 90 percent of target systems are exploited. Two critical points in web application security are the creation and management of sessions and filtering all data input. These types of compromises from a web application can lead to exposure of banking information, private sensitive data like credit card information, and competitive intelligence information.
Key findings from IBM's May Global Business Security Index include:
-- Phishing explodes: Phishing incidents reached a peak point in January 2005 and then dropped again. In May, phishing attacks exceeded anything previously recorded, increasing by 226 percent.
-- Viruses grew: In May 1 in 32.2 (3.12 percent of all email) emails contained some form of virus or trojan attack, a significant increase over the past month of 33 percent. To combat malwares such as Sober and Mytob, and other variants of these viruses, IBM advises organizations to keep antivirus signatures up-to-date, and to keep current with Windows patches.
-- Spam levels off: In May, 68.7 percent of inbound email traffic contained some form of spam. This figure has remained relatively unchanged over the past three months; During the same period, the proportion of unwanted email originating from known botnets and open proxy sources has dropped by a further 1.7 percent for the second month running.
-- Application hacking exploits: Ninety percent of target systems are exploited because of Web application hacking. Financial applications and online shopping accounts are popular targets. Top Web application vulnerabilities include: invalidated input; cross-site scripting flaws; injection flaws; broken authentication and session management; and improper error handling.
-- Malware scam: a malware hijacking threat was discovered operating from the host name iframeDOLLARS.biz. This website attempted to recruit partner websites to host a variety of malicious code to exploit Internet Explorer browsers. A successful exploit would result in numerous trojans, backdoors and spyware installed on the client. IBM has been identifying the hosting ISPs, strongly recommending the malicious Web sites be removed.
-- Educational institutions systems pharmed: In late May, after a long period of calm, IBM security analysts observed active exploitation of a Microsoft Library ASN.1 vulnerability. Correlating the signatures with other security events, IBM was able to determine that several attacking sources belonged to educational institutions, revealing that the attacking sources were compromised hosts, belonging to an Rbot network. IBM quickly notified customers and possibly infected institutions to address any outstanding issues.
"IT systems have become so crucial to today's business operations, work productivity, and customer service, that even a small disruption can have serious impact on business operations, and loss of data integrity or confidentiality can lose a customer base that took years to build," said Cal Slemp, vice president, security and privacy services, IBM Global Services. "Security is now something that companies can no longer afford to be without. IBM's approach offers companies a way to reduce overall business risk while helping them comply with legislations, regulations and build better business intelligence."
The IBM Global Business Security Index Report is a monthly report that assesses, measures and analyzes potential network security threats based on the data and information collected by IBM's 2,700 worldwide information security professionals and half a million monitored devices.