Browser-related exploits, like recent ones for Internet Explorer and Java, are increasing along with renewed concerns around social media password security, a new survey found.
On top of that, there seems to be a disparity in mobile devices and corporate bring-your-own-device (BYOD) programs.
There is a continuing trend for attackers to target individuals by directing them to a trusted URL or site injected with malicious code, according to the IBM X-Force 2012 Mid-Year Trend and Risk Report.
Through browser vulnerabilities, attackers are able to install malware on the target system. In addition, the growth of SQL injection, a technique used by attackers to access a database through a website, is keeping pace with the increased usage of cross-site scripting and directory traversal commands, the survey said.
IBM also noted attackers are no longer primarily attracted to the Windows universe. The user base for the Mac operating system continues to grow worldwide, so that system is also becoming a bigger target of advanced persistent threats (APTs) and exploits.
“We’ve seen an increase in the number of sophisticated and targeted attacks, specifically on Macs and exposed social network passwords,” said Clinton McFadden, senior operations manager for IBM X-Force research and development. “As long as these targets remain lucrative, the attacks will keep coming and in response, organizations should take proactive approaches to better protect their enterprises and data.”
At the mid-year point in 2012, IBM sees an upward trend in overall vulnerabilities, with the possibility of an all-time high by year-end. Having said that, the survey shows a decline in true exploits, with only 9.7% of all publically disclosed vulnerabilities subjected to exploits.
That’s mainly due to improvements from the top ten vendors on patching vulnerabilities and a significant decrease in the area of portable document format (PDF) vulnerabilities. IBM said this area of improvement directly relates to the new technology of sandboxing provided by the Adobe Reader X release.
Sandboxing technology works by isolating an application from the rest of the system, so if compromised, the attacker code running within the application is limited in what it can do or access. Sandboxes are proving to be a successful investment from a security perspective, IBM noted. In the X-Force report, there was a significant drop in Adobe PDF vulnerability disclosures during the first half of 2012, which coincides nicely with the adoption of Adobe Reader X, the first version of Acrobat Reader released with sandboxing technology.
In terms of mobile security, the BYOD phenomenon continues to be the main game-changing transformation. Many companies are still in their infancy in adapting policies for allowing employees to connect their personal laptops or smartphones to the company network.
While there are reports of exotic mobile malware, most smartphone users are still most at risk of premium SMS scams, which automatically send text messages to premium phone numbers in a variety of different countries from installed applications.
There are multiple scam infection approaches for this, such as offering users an application that looks legitimate in an app store but only has malicious intent; presenting an application that is a clone of a real application with a different name and some malicious code; or hacking a real application to wrap it with malicious code. The latter is typically in an alternative app store.