IBM Calls Internet Wild West

Malicious links up 500%

Get the WebProNews Newsletter:

[ Technology]

There has been a 508 percent increase in the number of new malicious Web links discovered in the first half of 2009, according to IBM’s X-Force 2009 Mid-Year Trend and Risk Report.

The report found an increase in the presence of malicious content on trusted sites, including search engines, blogs, bulletin boards, personal websites, online magazines and mainstream news sites.

Kris Lamb, X-Force Director
Kris Lamb
X-Force Director

The level of web exploits, especially in PDF files are at an all time high indicating the increased sophistication of attackers. PDF vulnerabilities seen in the first of 2009 surpassed all those detected in 2008.

"The trends highlighted by the report seem to indicate that the Internet has finally taken on the characteristics of the Wild West where no one is to be trusted," said X-Force Director Kris Lamb.

"There is no such thing as safe browsing today and it is no longer the case that only the red light district sites are responsible for malware. We’ve reached a tipping point where every Web site should be viewed as suspicious and every user is at risk. The threat convergence of the Web ecosystem is creating a perfect storm of criminal activity."

Highlights of the report include:

Vulnerabilities have reached a plateau. There were 3,240 new vulnerabilities discovered in the first half of 2009, an eight percent decrease over the first half of 2008. The rate of vulnerability disclosures in the past few years appears to have reached a high plateau. In 2007, the vulnerability count dropped for the first time, but then in 2008 there was a new record high. The annual disclosure rate appears to be fluctuating between six and seven thousand new disclosures each year.

PDF vulnerabilities have increased. Portable Document Format (PDF) vulnerabilities disclosed in the first half of 2009 already surpassed disclosures from all of 2008.

Trojans account for more than half of all new malware. Continuing the recent trend, in the first half of 2009, Trojans comprised 55 percent of all new malware, a nine percent increase over the first half of 2008. Information-stealing Trojans are the most prevalent malware category.

Phishing has decreased dramatically. Analysts believe that banking Trojans are taking the place of phishing attacks geared toward financial targets. In the first half of 2009, 66 percent of phishing was targeted at the financial industry, down from 90 percent in 2008. Online payment targets make up 31 percent of the share.

URL spam is still number one, but image-based spam is making a comeback. After nearing extinction in 2008, image-based spam made a comeback in the first half of 2009, yet it still makes up less than 10 percent of all spam.

Nearly half of all vulnerabilities remain unpatched. Similar to the end of 2008, nearly half (49 percent) of all vulnerabilities disclosed in the first half of 2009 had no vendor-supplied patch at the end of the period.

"Two of the major themes for the first half of 2009 are the increase in sites hosting malware and the doubling of obfuscated Web attack," said Lamb.

"The trends seem to reveal a fundamental security weakness in the Web ecosystem where interoperability between browsers, plugins, content and server applications dramatically increase the complexity and risk. Criminals are taking advantage of the fact that there is no such thing as a safe browsing environment and are leveraging insecure Web applications to target legitimate Web site users."

IBM Calls Internet Wild West
Top Rated White Papers and Resources
  • http://www.ph-miracle-diet.com Joan

    This is a very disturbing trend. One can almost not leave your house anymore and the Internet is now going the same route. Makes you very scared for the future!

  • http://www.bikeshopcastlehill.com.au Home Solar Power Systems

    The report is quite interesting and I do agree with this. Nowadays, there are “N” number of malicious links. Compared to 2008, it is very much higher in the case of malicious links and also with the virus I think it’s the time for the technologists to find a possible solution in order to decrease or to stop the spread of these malicious links

  • http://cheapcoinsorter.blogspot.com/ Cheap Coin Sorter

    How can you consider a link as malicious anyways? And there are also numerous trojans and You don’t even know how and what are these trojans actually does.

  • Bob

    There’s a lot more on this topic at www.stophcommerce.com
    Its a documentary on hackers, explains botnets, sprearphishing, bluejacking, etc. Also has commentary from Wozniak, Capt. Crunch, guys from DefCon and the Dept. of Defense. Good stuff!

  • http://www.videoeditormac.com/ Video Editor for Mac

    I agree with IBM’s point. Internet is still growing but not adult.

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom