Key highlights in the IBM X-Force 2012 Trend & Risk Report
Melissa Stevens 270005B76W MELISSAS@US.IBM.COM | | Tags:  malware mobile spam security byod xforce sandbox
0 Comments | 4,126 Visits
I’m happy to announce that today the IBM X-Force Mid-Year 2012 Trend and Risk report is out the door!
If you remember, early in 2011, IBM X-Force declared it the year of the security breach. Enterprises both large and small were targeted. In 2012, the trend has continued and the topic of security breaches quickly rose to the top of discussion lists from board rooms to blogs and to major media. Executives and security professionals around the world have had to assess and understand just how well they might be doing in this combustible environment of attack activity. They continue to ask the hard questions about how to secure an enterprise that is interconnected by means of cloud, mobile, and outsourcing technologies.
As a security research organization, IBM X-Force has traditionally viewed security breaches with a technical focus. However, we have modified our view of attacks and breaches over time to encompass a greater business context.
So let’s dive into those highlights…
New Attack Surfaces with Equal Opportunity Exploits
Since the last X-Force Trend and Risk Report, IBM’s X-Force has seen an increase in malware and malicious web activities.
A continuing trend for attackers is to target individuals by directing them to a trusted URL or site which has been injected with malicious code. Through browser vulnerabilities, the attackers are able to install malware on the target system. The websites of many well-established and trustworthy organizations are still susceptible to these types of threats. These equal opportunity exploits allow attackers to create a common code base for distributing malware across Windows, Mac, and in some cases even Linux.
As the user base of the Mac operating system continues to grow worldwide, it is increasingly becoming a target of Advanced Persistent Threats (APTs) and exploits, rivaling those usually seen on Windows platforms.
Reviewing the state of Mac malware during the first half of 2012, we observe three major developments.
Apple has released additional security features in the most recent version of OS X, Mountain Lion. X-Force, however, will not be surprised if attackers, APT-related or just financially motivated, find ways to continue on the OS X platform.
Jump over the the Frequency-X blog to read the rest of this post, which includes findings about password security, trends in mobile security, BYOD and much more.