Infosec: One Step Forward, One Step Back

Analyzing IBM's X-Force 2012 Mid-Year Trend and Risk Report
As the overall number of "true exploits" has decreased, targeted ones - especially those initiated by criminals or nation states - are becoming harder to detect, says Rick Miller, director of IBM Managed Security Services.

His conclusion is based on IBM's recently issued X-Force 2012 Mid-Year Trend and Risk Report, which he discussed in an interview with Information Security Media Group.

The report identifies an upward trend in overall vulnerabilities, with a possibility of an all-time high by year end. Even so, IBM X-Force Threat Report data continue to demonstrate declines in true exploits, with fewer than 10 percent of all publicly disclosed vulnerabilities subjected to exploits.

Why the decrease in true exploits? Vendors have gotten better at improving their wares to protect against known vulnerabilities, Miller says. "Their programs to shore up the security hole have been working," he says. "Some of the most exploited applications, Adobe, for example, have implemented the sandbox technology, and you've seen the number of reported vulnerabilities in the application plummet on that new technology. And, that's a great thing.

"But you also see, for sure, because of these targeted attacks, the value of finding a new vulnerability that is not publicly known [and that's] very valuable to these organizations that engage in cybercrime and activities."

In the interview, Miller also addresses X-Force Threat Report findings that show an increase in malware and malicious web activities, including:

  • A continuing trend for attackers is to target individuals by directing them to a trusted URL or site which has been injected with malicious code. Through browser vulnerabilities, the attackers are able to install malware on the target system. The websites of many well-established and trustworthy organizations are still susceptible to these types of threats.
  • The growth of SQL injection, a technique used by attackers to access a database through a website, is keeping pace with the increased usage of cross-site scripting and directory traversal commands.
  • As the user base of the Mac operating system continues to grow worldwide, it is increasingly becoming a target of advanced persistent threats and exploits, rivaling those usually seen targeting the Windows platform.

At IBM, Rick Miller is responsible for business leadership and operations of multiple IBM Security Operations Centers worldwide. His team works with thousands of global customers, manages billions of security events a day and regularly contributes to the X-Force Threat reports.

An early pioneer in managed security services, Miller founded the Internet services company Netrex, a regional Internet service provider during the early days of corporate Internet connectivity. He designed some of the very early customer premise managed security offerings for firewall, scanning and intrusion detection services.
