February 22, 2016 By Leslie Horacek 3 min read

Today we released the IBM X-Force Threat Intelligence Report. In 2015, organized crime groups really stepped up their game by focusing on higher-value records such as health-related personally identifiable information (PII) and other types of sensitive data to exceed initial forecasts for the year.

To say it was an exciting year would be understatement! Cybercrime had an epic year, with criminals chasing opportunities everywhere — and affecting everyone.

Cybercriminals’ Targets Are Bigger, and Their Rewards Greater

The demand for leaked data is trending toward higher-value records such as health-related PII and other sensitive data, with less emphasis on the emails, passwords and even credit card data that were the targets of years past. We see this in both the breach trends and the evolution of malware to target high-value bank accounts.

Read the complete 2016 IBM X-Force Threat Intelligence Report

The top 10 list of malware code listed in the figure below reveals that cybercrime is no longer the domain of amateurs. While lone attackers and small factions continue to use the Zeus code for their fraud attempts, the more impactful cybercrime is without a doubt the domain of organized gangs.

Breaches Without Borders and the Sophistication of Attack Techniques

News of breaches are being reported more widely around the world. This is reflected not only in the volume of incidents reported publicly, but also new government regulations requiring disclosure, such as those the Netherlands has implemented.

In 2015, there were notable breaches reported in Canada, Australia, the U.K., France, Turkey and Japan.

Malware, too, has continued to move around the globe, with Shifu jumping from Japan to the U.K., and Dyre making appearances in Spain and Australia.

In the report, we talk more about these leaps and others as being indicative of the increasing sophistication and organization of attackers since they require more than simple changes to configuration files.

Mobile Malware’s Quantum Leap

In the world of mobile devices, we see malware making a quantum leap with overlay malware. This involves Trojans implementing a convincing social engineering effort to fool users into divulging payment login details, online banking credentials and payment card details right from their device. The malware is often bundled with spyware, turning it into a one-stop fraud shop.

X-Force Report Underscores a Continued Need for Security Basics

Vulnerability news was more of the same: The second half of 2015 saw an increase in disclosed vulnerabilities for a total of just under 9,000. This represents the highest number of vulnerabilities the X-Force team has seen and recorded in our database.

In our experiences working with clients and prospects, X-Force has seen that many organizations do not sufficiently monitor published vulnerabilities that may affect the technology protecting their data. As a result, they may be ignorant of the risk and impacts of a data breach. There are common reasons, however, why organizations are in the dark about these exposures and risks, including:

  • They are not aware of all the sources of their data because they lack an asset inventory.
  • They don’t understand how critical their vulnerabilities are or the danger they pose to effectively supporting and growing the business.
  • They intend to do a vulnerability scan to identify risks and remediate vulnerabilities, but because they don’t understand the depth of the risks they face, they never get around to taking action.

With so much happening at once, there is renewed emphasis for security basics surrounding risk assessment and patching of vulnerabilities, protecting databases and implementing mitigating controls so that every organization can better handle risks.

Download the full 2016 IBM X-Force Threat Intelligence Report

More from Threat Intelligence

Widespread exploitation of recently disclosed Ivanti vulnerabilities

6 min read - IBM X-Force has assisted several organizations in responding to successful compromises involving the Ivanti appliance vulnerabilities disclosed in January 2024. Analysis of these incidents has identified several Ivanti file modifications that align with current public reporting. Additionally, IBM researchers have observed specific attack techniques involving the theft of authentication token data not readily noted in current public sources. The blog details the results of this research to assist organizations in protecting against these threats. Key Findings: IBM research teams have…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Audio-jacking: Using generative AI to distort live audio transactions

7 min read - The rise of generative AI, including text-to-image, text-to-speech and large language models (LLMs), has significantly changed our work and personal lives. While these advancements offer many benefits, they have also presented new challenges and risks. Specifically, there has been an increase in threat actors who attempt to exploit large language models to create phishing emails and use generative AI, like fake voices, to scam people. We recently published research showcasing how adversaries could hypnotize LLMs to serve nefarious purposes simply…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today