Sophisticated, Targeted Security Threats Marked 2010

Releasing the results of its X-Force 2010 Trend and Risk Report, an annual assessment of the security landscape, IBM highlights that public and private organizations around the world faced increasingly sophisticated, customized IT security threats in 2010.

According to the report, over 8,000 new vulnerabilities were documented, a 27 percent rise from 2009. Public exploit releases were also up 21 percent from 2009 to 2010. Thereby, indicating an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.

The report highlights a shift in perception about cloud security as adoption continued to evolve and knowledge around this emerging technology increased. Since security is still considered an inhibitor to cloud adoption, the report suggests that cloud providers must earn their customers’ trust by providing an infrastructure that is secure by design with purpose-built security capabilities that meet the needs of the specific applications moving into the cloud. As more sensitive workloads move into the cloud, the security capabilities will become more sophisticated.

More from Biztech

Future Group - Reliance Retail Deal approved by CCI RBI ban on cryptocurrencies takes effect; prohibition could force investors to tap the black market

Over time, IBM predicts the market will drive the cloud to provide access to security capabilities and expertise that is more cost effective than in-house implementations. This may turn questions about cloud security on their head by making an interest in better security a driver for cloud adoption, rather than an inhibitor.

In 2010, IBM X-Force documented increase in the volume of vulnerabilities disclosed in mobile devices as well as the disclosure of exploits that target them. As end user adoption of smartphones and other mobile devices increased, IT security departments struggled to determine the right way to bring these devices safely into corporate networks. Organizations are increasingly concerned about the security implications of personal mobile devices used by employees. Organizations must ensure control of their data regardless of where it is, including employee-owned or business-issued smartphones. According to the IBM X-Force Report, best practices for mobile security are evolving with enhanced password management and data encryption capabilities.

According to Tom Cross, Threat Intelligence Manager, IBM X-Force, “From Stuxnet to Zeus Botnets to mobile exploits, a widening variety of attack methodologies is popping up each day. The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical.”

The intelligence is gathered through research of public vulnerability disclosures, and the monitoring and analysis of more than 150,000 security events per second during every day of 2010.