14 DAY TRIAL // The IBM X-Force Research and Development team has published its 2013 mid-year report on cyber security trends and risks. The results of the study are based on the analysis of 4,100 new vulnerabilities, and 900 million new webpages and images.
According to the report, social media is increasingly used by cybercriminals for reconnaissance and attacks. Compromised social media accounts can be highly valuable for falsifying reviews of social engineering attacks.
“IBM X-Force expects to see these newer applications of social engineering become more sophisticated as attackers create complex internetworks of identities while refining the art of deceiving victims,” noted Leslie Horacek, worldwide threat response manager for IBM X-Force and senior editor of the report.
“Users must adopt a mindset of guilty until proven innocent when it comes to social media and companies should engender suspicion to protect users and assets,” she added.
As far as vulnerabilities are concerned, researchers found that the number of new vulnerabilities reported in the first half of 2013 was similar to the number reported last year. However, it’s worth noting that the number of web application vulnerabilities has slightly decreased this year.
When it comes to web vulnerabilities, cross-site scripting (XSS) remains the most common type, accounting for over half of all security holes.
In most cases (28%), successful exploitation of a vulnerability has resulted in gaining access to a system or application.
The report names the United States as the country that hosts most malicious links, 42% to be more precise. The US is followed by Germany (9.8%), China (5.9%) and Russia (4.5%).
The IBM X-Force report also covers mobile malware, watering hole attacks, zero-day attacks, and distraction and diversion techniques.
The complete trend and risk report is available on IBM’s website.