Cracks in computer defenses abound: IBM

IBM on Wednesday reported that the number of discovered cracks that hackers could exploit in computer software surged in the first half of the year.

The number of new "vulnerabilities" documented by an X-Force Research and Development team at IBM increased 36 percent to 4,396 from the same period last year and more than half lacked patches to fix the flaws.

"This year's X-Force report reveals that although threats are on the rise, the industry as a whole is getting much more vigilant about reporting vulnerabilities," said IBM Security Solutions general manager Steve Robinson.

"Threat dynamics continue to multiply and evolve at a furious pace, making it more crucial than ever to look at unfolding trends so we can better prepare our clients for the future."

Software weaknesses were most abundant in Web applications, programs accessed in browsers on the Internet, according to the team. Web application vulnerabilities accounted for 55 percent of the disclosures.

"These figures may only represent the tip of the iceberg of total Web application vulnerabilities that exist, as they do not include custom-developed Web applications," X-Force said in a report of the findings.

Covert cyber attack tactics on business computers grew in frequency and complexity, according to X-Force.

Hacker attacks using booby-trapped document files "continue to soar" as cyber crooks find new ways to trick users, the report warned.

In a bit of encouraging news, the number of "phishing" attacks in which hackers use email messages to try to dupe people into visiting bogus websites or opening tainted files plunged 82 percent, according to X-Force.

"Despite this drastic decline, financial institutions are still the number one phishing target," the team concluded.

"Credit cards, governmental organizations, online payment institutions and auctions represent the majority of other targets."

(c) 2010 AFP