India home for phishing emails: IBM

Public and pvt cos around the world faced sophisticated, customized IT security threats in 2010.

Updated: May 25, 2011, 14:31 PM IST

Zeenews Bureau

New Delhi: IBM recently released results from its annual X-Force 2010 Trend and Risk Report, highlighting that public and private organizations around the world faced increasingly sophisticated, customized IT security threats in 2010.

According to the report, India was the top country for phishing email origination in 2010 at 15.5 percent, followed by Russia at 10.4 percent. Spam has continued to incline and grow continuously in India from spring 2009 to autumn 2010. The report highlights that U.S., India, Brazil, and Vietnam were the top four spam-sending countries, accounting for nearly one third of worldwide spam.

Based on the intelligence gathered through research of public vulnerability disclosures, and the monitoring and analysis of more than 150,000 security events per second during every day of 2010, key observations from the IBM X-Force Research team included:

More than 8,000 new vulnerabilities were documented, a 27 percent rise from 2009. Public exploit releases were also up 21 percent from 2009 to 2010. This data points to an expanding threat landscape in which sophisticated attacks are being launched against increasingly complex computing environments.

The historically high growth in spam volume leveled off by the end of 2010. This indicates that spammers may be seeing less value from increasing the volume of spam, and instead are focused on making sure it is bypassing filters.

While overall there were significantly fewer phishing attacks relative to previous years, “spear phishing,” a more targeted attack technique, grew in importance in 2010. This further indicates that cyber criminals have become more focused on quality of attacks, rather than quantity.

India along with USA, Brazil, Vietnam, and Russia are the top five countries for spam origination in 2010

As end user adoption of smartphones and other mobile devices increased, IT security departments have struggled to determine the right way to bring these devices safely into corporate networks. Although attacks against the latest generation of mobile devices were not yet widely prevalent in 2010, IBM X-Force data showed a rise in vulnerability disclosures and exploits that target these devices.

“From Stuxnet to Zeus botnets to mobile exploits, a widening variety of attack methodologies is popping up each day,” said Pradeep Nair, Director, IBM Software Group, IBM ISA. He added, “The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical. We have seen significant increase in interest from clients in India to enhance the reliability of their security infrastructure.”