November 17, 2014 By Leslie Horacek

Today, IBM released the fourth edition of the 2014 IBM X-Force Threat Intelligence Quarterly, which focuses on how the Internet continues to connect more people, places and things, resulting in a new range of security risks. In particular, it takes a closer look at new threats from the Internet of Things (IoT) and the sources of malware and botnet infections.

IoT Transforms Security Landscape

By innovating how we connect, this technology is transforming how security threats are viewed in our lives and in business. Today, it may seem more like a curiosity than a valid business concern. Upon hearing the term “IoT,” many call to mind a circus of devices with esoteric functions, such as Google Glass and the new Apple Watch wearables, or perhaps home automation hardware such as thermostats that are aware of their owners’ presence or refrigerators that post to Facebook when you’re out of milk.

However, in a November 2014 report, analysts estimate that the IoT will represent 30 billion connected “things” by 2020, growing from 9.9 billion in 2013. These connected “things” are largely driven by intelligent systems collecting and transmitting data. While we are still defining what the IoT is and how it will benefit individuals and enterprises, rest assured that it is a revolution and will take its place among existing emerging technologies such as the cloud, analytics, mobile and social. As with other broad categories of technology such as the cloud or mobile, the IoT can offer productivity and quality-of-life improvements, but it can also drag in its wake a host of unknown security threats. The devices that make up the broad IoT perform different functions, expose wildly diverse threat surfaces and require security strategies that are specific to each category of device. IBM X-Force has created a model of the IoT that is useful for understanding the security threats at various data flow and control transition points.

In the past few years, the attacks reported across the IoT have varied, including the exploitation of Web application vulnerabilities, man-in-the-middle attacks and password attacks. Another area that the report does not explore but that deserves mention is employees working from home with cable/DSL modems and home routers. When a remote employee’s traffic re-enters the enterprise network, the types of attacks available should be a deep concern for security administrators. This topic was explored in greater depth earlier in the year in an X-Force blog post about remote workers and home security.

Does Developing Secure Software Exclude Hardware Manufacturers?

IBM has cautioned in the past that designing security from the outset and exercising secure development practices is vital to creating secure products. As the “things” that comprise the IoT are developed by multiple manufacturers, this advice becomes more relevant because the consequences affect not just the integrity of data and privacy of the owners of that data, but also the safety of users. To help address the security challenges within the IoT, IBM X-Force recommends that manufacturers do the following:

Reputation Counts: The Sources of Malware and Botnets

This latest report also looks at some findings gleaned from IBM X-Force’s IP Reputation database. IBM X-Force wanted to establish a baseline of the sources of massively distributed malware. It looked at the countries where malicious links are most often hosted and the geographic distribution of botnet command-and-control (C&C) servers.


Typically, attackers use remote code execution to install malware, which may perform any number of malicious actions, such as keylogging, screen-grabbing and providing remote access for the attackers. Those actions all result in stolen data, which the malware reports to its C&C servers. Although the United States hosts the largest number of contaminated IP addresses for both malware and botnet C&C servers, when normalized for addressable IP space, Eastern European countries show the highest infection rates.
