IT gladiator takes the next stand

By Nathan Statz

May 9, 2008: The first reaction most people have to the word ‘X-Force’ is that it must be some kind of cheesy 70’s action comic, complete with skin-tight spandex suits and underwear worn on the outside. Despite the absence of superheroes on their team, IBM’s X-Force has a phenomenal task on their hands as they sort through thousands of web-based threats to compile their latest report into the realm of online security.

While it’s tough to know for sure whether X-Force employees do in fact own spandex garments, it’s easy to see how the numerous threats that are out there can add up to such a workload. Email-based threats alone account for such a vast array of daily attacks that it’s surprising that analysts have time for anything else.

The X-Force report draws attention to the infamous Storm Botnet, a network of infected computers being operated without their owner’s knowledge and in massive numbers. Big Blue now believes that as many as 5-10% of internet devices have unwillingly become a part of these bot armies.

Kris Lamb, operations manager, X-Force Research and Development for IBM’s Internet Security Systems (ISS) says the Storm Worm provides a microcosm of the kinds of threats users faced in 2007.

“All in all, the exploits used to spread Storm Worm are a blend of the various threats tracked by X-Force, including spam, phishing and drive-by-downloads by way of Web browser exploitation,” says Lamb.

It isn’t all doom and gloom though, as X-Force reports that the size of spam emails has been on a rapid decrease, dropping to levels not seen since 2005. This positive step has been attributed to the efficient methods of combating image-based spam which is forcing malicious users to resort to other means.

Peter Allor, worldwide director of Intelligence at IBM ISS believes the important thing for 2008 is how the trends are changing when it comes to the issue of security. One of these trends is the increasing sophistication of attacks on web browsers throughout the world and particularly the rise of targeted attacks. IBM is sinking huge resources into the area, which has been tipped to continue its consistent rise throughout the year.

“IBM doesn’t have just one division in terms of security, we think it’s important from a corporate perspective to have a diverse range,” says Allor. “We have a lot of experts that we can bring to bear.”

According to Allor, the underground has been looking to sail the high seas of profit, or is cashing out and moving on if an area becomes untenable. This has led to an increased level of vulnerabilities worldwide and has subsequently put most organisations at higher risk.

“The interesting part is the hackers are licensing pieces of malware, just like legitimate software businesses do.” While the licensing business is busy lining the purses of many hacking conglomerates, it’s causing major headaches for security firms as the skill requirements to get started in the malware business just went down several notches.

Allor explains that the rise in popularity of hacking toolkits, and the ease of getting started with them, is being made worse by the legal difficulties of prosecution. “In Brazil for example they’re usually released the same day and all they lose is their computer,” he said.

Putting criminals away may not be getting any easier, but the skills of law enforcement agencies have gotten better. X-Force believes there is an amazingly high level of skills being gained at a national level. This has contributed to a drop in the total number of vulnerabilities, particularly with the fall from grace of image-based spam as the biggest threat, though it hasn’t dropped the actual risk level.

“Things haven’t gotten any more secure because people don’t understand the risks. Because of this lack of understanding people don’t think things through,” says Allor. “At the end of the day it starts with people not following procedures.”

One of the risks that isn’t being understood, according to X-Force, is removable storage. Allor explains that workers no longer have to walk out with a box full of files as they could have the same amount on a thumb drive. Even iPods which are common amongst workers are a cause for concern as they can facilitate huge data losses.

According to Big Blue’s security gurus, you’re never going to obtain 100% protection, but you can gauge what your risk is and adjust it accordingly. While the safest thing to do is unplug your computer and never turn it on, this won’t actually get any work done. The far better option is getting a set of best practices in place and managing your risk levels, which will get that work done safely.
