Report: Criminals switching tactics to breach cyber defences

IBM's X-Force study has good news and bad news for security chiefs

Although IT security professionals are winning the war against traditional security threats such as spam and application code exploits, cyber criminals are switching tactics to social network phishing, mobile exploits, automated password guessing, and shell command injection.

This is according to an influential security report published today.

"In 2011 we've seen surprisingly good progress in the fight against computer crime through the IT industry's efforts to improve the quality of software," said Tom Cross, manager of threat intelligence and strategy for IBM X-Force.

"In response, criminals continue to evolve their techniques to find new avenues into an organisation. As long as attackers profit from cyber crime, organisations must remain diligent in prioritising and addressing their security vulnerabilities," he added.

The good news in IBM's X-Force 2011 Trend and Risk Report includes a 50 per cent decline in spam compared with 2010 and a 30 per cent decline in the number of exploits published.

Furthermore the number of vulnerabilities in application code remaining unpatched declined from 43 per cent in 2010 to 36 per cent in 2011.

The report also reveals that cross-site scripting vulnerabilities in web applications are half as likely to exist in software as they were four years ago.

The bad news is a rise in emerging attack trends.

Attacks targeting shell command injection vulnerabilities more than doubled. The number of SQL injection vulnerabilities in publicly maintained web applications dropped by 46 per cent in 2011, so attackers have shifted to shell command injection vulnerabilities, which allow them to execute commands directly on a web server.
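The following is an added example, not code from the IBM report or from this article, showing the coding pattern behind shell command injection and its hardened counterpart. It assumes a hypothetical web endpoint that runs a DNS lookup tool on a user-supplied hostname; the function names, the regular expression and the `echo` stand-in used for the offline demonstration are all assumptions made here.

```python
"""Shell command injection: the vulnerable pattern next to the hardened one.

Hypothetical scenario (assumed, not from the report): a web handler takes a
hostname from a request and runs a lookup tool on it.
"""
import re
import shlex
import subprocess

# Allow-list for a DNS hostname: labels of letters, digits and hyphens,
# separated by dots. Anything else (spaces, ';', '|', '$', quotes) is rejected.
HOSTNAME_RE = re.compile(
    r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def build_unsafe(host: str) -> str:
    """The vulnerable pattern: user input concatenated into a command line
    that is later handed to /bin/sh (subprocess.run(..., shell=True))."""
    return f"host {host}"


def shell_tokens(cmdline: str) -> list:
    """Tokenise a command line the way a POSIX shell would, with ';', '|' and
    '&' treated as operators, to make visible what the shell would execute."""
    lex = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    return list(lex)


def validate_hostname(host: str) -> str:
    """Reject anything that is not a plain hostname (allow-list validation)."""
    if len(host) > 253 or not HOSTNAME_RE.match(host):
        raise ValueError("invalid hostname")
    return host


def build_safe(host: str) -> list:
    """The hardened pattern: validate against an allow-list and return an argv
    list. With no shell involved, metacharacters can never become operators."""
    return ["host", validate_hostname(host)]


def run_safe(argv: list) -> subprocess.CompletedProcess:
    """Execute an argv list without a shell; arguments are passed literally."""
    return subprocess.run(
        argv, shell=False, capture_output=True, text=True, timeout=5, check=False
    )


if __name__ == "__main__":
    tainted = "example.com; id"
    print("shell would run:", shell_tokens(build_unsafe(tainted)))
    try:
        build_safe(tainted)
    except ValueError as exc:
        print("hardened version rejected input:", exc)
    # 'echo' stands in for the lookup tool so the demonstration runs offline;
    # the metacharacters arrive as one literal argument, not as a second command.
    print(run_safe(["echo", tainted]).stdout.strip())
```

The point of `shell_tokens` is only to show the defender why the concatenated string is dangerous: once `;` is parsed as an operator, the second word is a separate command. The fix is not to escape characters but to never hand user input to a shell at all, and to validate it against what a hostname can legitimately contain.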

X-Force observed a large spike in automated password guessing activity directed at secure shell (SSH) servers in the latter half of 2011, targeting systems with weak login passwords.
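As an added example from the defender's side (not part of the report or this article), the detection below flags the automated SSH password guessing described above by counting failed logins per source address within a sliding time window. The log lines are constructed for the example in the usual OpenSSH syslog format; the year, the hostnames, the addresses and the thresholds are assumptions made here.

```python
"""Detect automated SSH password guessing in sshd syslog output.

Sample lines are constructed for this example; addresses are from the
documentation ranges and the year is assumed because syslog omits it.
"""
import re
from collections import defaultdict
from datetime import datetime

SAMPLE_LOG = """\
Jan 12 10:01:03 web1 sshd[2214]: Failed password for root from 203.0.113.7 port 51234 ssh2
Jan 12 10:01:05 web1 sshd[2216]: Failed password for invalid user admin from 203.0.113.7 port 51236 ssh2
Jan 12 10:01:08 web1 sshd[2218]: Failed password for invalid user oracle from 203.0.113.7 port 51240 ssh2
Jan 12 10:01:11 web1 sshd[2220]: Failed password for invalid user test from 203.0.113.7 port 51242 ssh2
Jan 12 10:01:15 web1 sshd[2222]: Failed password for root from 203.0.113.7 port 51244 ssh2
Jan 12 10:01:19 web1 sshd[2224]: Failed password for invalid user postgres from 203.0.113.7 port 51248 ssh2
Jan 12 10:03:40 web1 sshd[2301]: Failed password for alice from 198.51.100.4 port 40022 ssh2
Jan 12 10:03:52 web1 sshd[2301]: Accepted password for alice from 198.51.100.4 port 40022 ssh2
Jan 12 10:20:01 web1 sshd[2400]: Failed password for alice from 198.51.100.4 port 40030 ssh2
"""

# Matches OpenSSH's "Failed password" line; "invalid user" is present when the
# account does not exist, which is itself a sign of username enumeration.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d+\.\d+\.\d+\.\d+) port \d+"
)


def parse_failures(log_text: str, year: int = 2011) -> list:
    """Return (timestamp, source_ip, username) for every failed login."""
    events = []
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue  # accepted logins and unrelated daemons are ignored
        ts_text = " ".join(m["ts"].split())  # collapse syslog's padded day
        ts = datetime.strptime(f"{year} {ts_text}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["ip"], m["user"]))
    return events


def find_bruteforce(events: list, threshold: int = 5, window_seconds: int = 60) -> dict:
    """Flag any source IP with >= threshold failures inside one window.

    Uses a sliding window over the time-ordered failures of each address and
    reports the largest burst seen, together with the usernames tried.
    """
    by_ip = defaultdict(list)
    for ts, ip, user in sorted(events):
        by_ip[ip].append((ts, user))

    alerts = {}
    for ip, hits in by_ip.items():
        best = None
        start = 0
        for end in range(len(hits)):
            while (hits[end][0] - hits[start][0]).total_seconds() > window_seconds:
                start += 1
            count = end - start + 1
            if count >= threshold and (best is None or count > best["failures"]):
                best = {
                    "failures": count,
                    "users": sorted({u for _, u in hits[start:end + 1]}),
                }
        if best is not None:
            alerts[ip] = best
    return alerts


if __name__ == "__main__":
    for ip, info in find_bruteforce(parse_failures(SAMPLE_LOG)).items():
        print(f"{ip}: {info['failures']} failures, users tried: {', '.join(info['users'])}")
```

The legitimate user who mistypes a password twice in twenty minutes never reaches the threshold, while the address cycling through `root`, `admin`, `oracle` and similar accounts within seconds does. The threshold and window are tuning knobs; the structural mitigation the report points at is the password itself, so key-based authentication or a lockout and rate-limiting policy removes the weakness the guessing relies on.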

The report documents a resurgence in phishing activity in the second half of 2011, particularly emails purporting to be from social networks that entice users to click on malware links.

New platforms present new opportunities for cyber criminals. The report shows publicly released mobile exploits rose 19 per cent.