IBM X-Force® Report Reveals Phishing, Document-Related Threats Rising Dramatically

Attackers Target Profitable and Easily Executable Vulnerabilities in Web Browsers and Document Readers

Select a topic or year

ARMONK, N.Y., - 25 Feb 2010: IBM (NYSE: IBM) today released results from its annual IBM X-Force® 2009 Trend and Risk Report. The report's findings show that existing threats such as phishing and document format vulnerabilities have continued to expand, even as clients have generally made strides to improve security.

The IBM X-Force® Report reveals three main threats that demonstrate how attackers increasingly targeted people using the Internet for monetary gain or data theft. The number of new malicious Web links has skyrocketed globally in the past year. Phishing activity, in which an attacker attempts to acquire sensitive information by masquerading as a legitimate organization, also increased dramatically in the second half of 2009. Vulnerability disclosures for document readers and editors continued to soar, specifically with Portable Document Format (PDF) documents.  

The IBM X-Force® 2009 Trend and Risk Report also finds that:

"Despite the ever-changing threat landscape, this report indicates that overall, vendors are doing a better job responding to security vulnerabilities," said Tom Cross, manager of IBM X-Force Research. "However, attackers have clearly not been deterred, as the use of malicious exploit code in Web sites is expanding at a dramatic rate."

The IBM X-Force® research and development team has been cataloguing, analyzing and researching vulnerability disclosures since 1997. With more than 48,000 security vulnerabilities catalogued, it has the largest vulnerability database in the world. This unique database helps X-Force researchers to understand the dynamics that make up vulnerability discovery and disclosure.

"IBM continues to invest in strategic research like this report to create value for our clients and the security industry," said Al Zollar, general manager, Tivoli Software, IBM Software Group. "With insight from our X-Force research team, our professional and managed services offerings, and our software, we can help enable the most secure IT infrastructure while meeting clients' risk, governance and compliance requirements."

IBM is one of the world's leading providers of risk and security solutions. Through product offerings, professional security services and managed security services, IBM provides ultimate flexibility and breadth of solutions as a trusted security partner. Clients around the world team with IBM to help reduce the complexities of security and strategically manage risk. The IBM experience and range of risk and security solutions -- from dedicated research, software, hardware, services and global Business Partner relationships -- are unsurpassed, helping clients secure business operations and implement company-wide, integrated risk management programs.

For more security trends and predictions from IBM, including graphical representations of security statistics, please access the full report at:

About IBM

For more information, please visit

IBM and X-Force are trademarks of International Business Machines Corporation in the United States, other countries, or both.

Related XML feeds
Topics XML feeds
IBM Security
IBM solutions that help with security, risk management, and compliance
News of interest to IBM investors