The X-Force Emerging Threats
IBM has a security research and development team called the X-Force. The IBM X-Force team is world renowned for studying and monitoring the latest vulnerabilities and threats on the web. They are also responsible for discovering vulnerabilities that exist within our own products, as well as third party products, such as Apple. IBM will deliver security content once a vulnerability is found based on research, completed by the X-Force team. The team also will investigate active attacks, spam, phishing, viruses and other malware.
Biyearly, the X-Force team produces a report available for free to the public. I always find it interesting and will often ask my security clients questions, based on what they think and what IBM research has actually discovered. For example, a question I often ask is which operating system is more secure, Microsoft, Apple of Linux? I always hear Apple 😉 And if you have read my article in the past, you know that although Apple may have less vulnerabilities, they end up having a higher percentage of vulnerabilities not fixed, unlike Microsoft that has a lot of vulnerabilities, but always have patches, thus making them a more secure operating system at the end of the year.
This year, I have asked my clients, what was the most popular attack method against business: distributed denial of service (DdoS) attempts, which made a lot of headlines, in particular the Ddos attacks against the banks, or the typical SQL injection attacks? Attackers, continue to be lazy, and take the path of least resistance and chose SQL injection as the preferred method. SQL injection attacks in fact, continue to rise.
Web browser exploit kits, a turnkey solution for the distribution and installation of malware, continues to be popular. While Java vulnerabilities coincide with the attack kits since they provide a cross-platform and across multiple operating systems.
India gets the prize for the amount of spam originating from their country, but the United States is a close second.
If you would like to know more, why not check out the full report: IBM X-Force Annual Trend Report.
