IBM 2011 Study Shows Progress Against Security Threats But Attackers Adapt

ARMONK, N.Y., March 22, 2012 /PRNewswire/ — IBM (NYSE: IBM) today released the results of its X-Force 2011 Trend and Risk Report, which shows surprising improvements in several areas of Internet security such as a reduction in application security vulnerabilities, exploit code and spam. As a result, the report suggests attackers today are being forced to rethink their tactics by targeting more niche IT loopholes and emerging technologies such as social networks and mobile devices.

The X-Force 2011 Trend and Risk Report revealed a 50 percent decline in spam email compared to 2010; more diligent patching of security vulnerabilities by software vendors, with only 36 percent of software vulnerabilities remaining unpatched in 2011 compared to 43 percent in 2010; and higher quality of software application code, as seen in web-application vulnerabilities called cross site scripting half as likely to exist in clients’ software as they were four years ago.

In light of these improvements, it seems attackers are adapting their techniques. The report uncovers a rise in emerging attack trends including mobile exploits, automated password guessing, and a surge in phishing attacks. An increase in automated shell command injection attacks against web servers may be a response to successful efforts to close off other kinds of web application vulnerabilities.

To view the full X-Force 2011 Trend and Risk Report and watch a highlight video please visit www.ibm.com/security/xforce.

Leave a Reply