The IBM X-Force 2009 Mid-Year Trend and Risk Report revealed many security problems with the world wide web. The report’s findings show an unprecedented state of Web insecurity as Web client, server, and content threats converge posing a huge risk for web surfers. The report finds more than a 500 percent increase in malicious Web links and increased sophistication in vulnerability exploitation.
There has been a 508% increase in the number of new malicious Web links discovered in the first half of 2009. This problem is no longer limited to malicious domains or untrusted Web sites. The report notes an increase in the presence of malicious content on trusted sites, including popular search engines, blogs, bulletin boards, personal web sites, online magazines and mainstream news sites. The ability to gain access and manipulate data remains the primary consequence of vulnerability exploitations.
The report also finds that the level of veiled Web exploits, especially PDF files, are at an all time high, pointing to increased sophistication of attackers. PDF vulnerabilities disclosed in the first half of 2009 surpassed disclosures from all of 2008. From Q1 to Q2 alone, the amount of suspicious, obfuscated or concealed content monitored by the IBM ISS Managed Security Services team nearly doubled.