IBM: Biggest threat to the cloud could be security issues

The number of exploitable options in computer programs grew by 36 percent in 2010, largely a result of the increased prevalence of Web apps and looming cloud-computing security threats, according to IBM’s X-force security report released Thursday.

IBM researchers said the recent growth of cloud computing and remote desktop access will likely become a sore point for security issues, as hackers cracking into a master rig that controls several virtual desktops could theoretically access all of those desktops.

Web apps had the largest number of security vulnerabilities, growing by 55 percent year-over-year. The report indicated that incidents of malicious code hidden in JavaScript, a common interactive scripting language, and other Web app code rose by 52 percent compared to the same period a year earlier.

Exploits of documents in Adobe’s PDF format rose 37 percent. Most of that increase can be attributed to the use of PDF exploits earlier this year to expand the Zeus and Pushdo botnets, organized networks of infected computers manipulated remotely by hacker gangs.

Phishing activity, which involves tricking users into putting information like bank account logins into a website masquerading as a bank or email service, fell 82 percent from the same period a year earlier. Browser makers have taken measures to discourage phishing attempts by warning users. About half of all phishing attacks in 2010 were coordinated against financial websites, such as those of banks.

More than half of the security vulnerabilities listed in IBM’s X-force report were not patched by suppliers or vendors by the end of the first half of 2010, when the reporting period ended.

[Photo: Clip Works]

blog comments powered by Disqus