Users are more at risk from malicious websites that
steal credit cards than ever before, according to the
latestIBM X-Force 2009 Mid-Year Trend and Risk
report. Evenlegitimate sites may pose serious security
risks.
The report's findings show an unprecedented state of insecurity
as web client, server and content threats converge to create an
untenable risk landscape.
According to the X-Force report, there has been a 508% increase
in the number of malicious web links discovered in the first half
of 2009.
This problem is no longer limited to malicious domains or
untrusted websites, according to X-Force. There is also an increase
in the presence of malicious content on trusted sites, including
popular
search engines, blogs, bulletin boards, personal websites,
online magazines and mainstream news sites. The ability to gain
access and manipulate data remains the primary consequence of
vulnerability exploitations, X-Force warned.
The X-Force report identified increasingly sophisticated
attacks, such as those using PDF vulnerabilities. From the first to
the second quarter of 2009, the amount of suspicious, obfuscated or
concealed content monitored by the IBM ISS Managed Security
Services team nearly doubled.
X-Force Director Kris Lamb, said, "There is no such thing as
safe browsing today and it is no longer the case that only the red
light district sites are responsible for malware. We've reached a
tipping point where every website should be viewed as suspicious
and every user is at risk. The threat convergence of the web
ecosystem is creating a perfect storm of criminal activity."