IBM recorded more than 1 billion suspicious computer security events in 2005, despite a leveling off in the amount of spam e-mail and a decrease in major Internet worm and virus outbreaks.
Enterprises should expect to see the same level of malicious traffic in 2006, even as online criminal groups shift to stealth attacks and cyber-extortion instead of massive, global malicious code attacks, said David Mackey, director of security intelligence at IBM.
The Armonk, New York, company has released its IBM Security Threats and Attack Trends report for 2005.
The report details the top threats of the last year, and makes predictions about prevalent security trends in 2006.
The predictions are based on threat and attack data from IBM’s Security Operation Center, which manages intrusion detection, wireless security and firewall technology for IBM customer networks, Mackey said.
“We continue to see significant reconnaissance activity, whether it’s network mapping of organizations, or malware or botnets. It’s not a global outbreakthere’s nothing that will shut down networks across the globe. It’s stealthier. It’s about compromising the greatest number of systems,” he said.
Software holes in products from Microsoft Corp., based in Redmond, Wash., continued to be a hacker’s best friend, and dominated IBM’s list of the top five security issues.
Flaws in Windows’ implementation of PnP (plug and play), which gave birth to the Zotob worm in August, topped the list of threats.
Problems with Windows’ (ASN) Abstract Syntax Notation and Graphics Rendering Engine (used to display Windows Metafile format images) were also among the top five risks last year, IBM said.
An FBI survey of computer crime finds evidence of widespread attacks. Click here to read more.
Windows holes will continue to be a top security concern in 2006, even though Windows XP Service Pack 2 has made it more difficult to launch massive, automated attacks on that system, IBM said.
However, online criminals will increasingly use focused stealth attacks on organizations and individuals. Cyber-extortion using threats of DoS (denial of service) attacks or the disclosure of sensitive data will increasingly be used in 2006, IBM predicted.
Botnets will continue to be the tool of choice for online criminals and criminal groups, though some may begin using instant messaging networks, rather than the popular IRC (Internet Relay Chat) protocol to control their minions, the report said.
Companies will also have to improve internal monitoring to catch insiders who are leaking confidential information or engaging in corporate espionage, IBM said.
“Criminals are trying to gain confidential data We’re seeing an organized effort to get as much information as possible from systems, whether it’s intellectual property, or trade secrets, or just financial information,” Mackey said.
Wireless security threats are a major concern, as companies use the technology to empower mobile workers, Mackey said.
Will anti-virus software be the next big target for worm attacks? Read more here.
IBM also predicted that users of Apple Computer Inc.’s OS X operating system will have to contend with more vulnerabilities and the potential for more attacks, as Apple shifts to the popular Intel chip platform for its Mac systems.
However, other much-hyped security trends are unlikely to break out in 2006, including attacks on VOIP (voice-over-IP) systems and on mobile devices, the report said.
In general, enterprises need to be vigilant and watch for low-level attacks, even when no major security threat is dominating headlines, Mackey said. “A lot of this stuff is under everybody’s radar. It’s a lot more concerning in that regard,” he said.
Check out eWEEK.com’s for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer’s Weblog.