“Excuse me, are you aware of what’s happening right now? We’re facing 20 billion security events every day. DDoS campaigns, ransomware, malware attacks …” says a woman sternly to an associate in a recently aired commercial featuring Watson and IBM Security. She may have been an actor, but the question and the threats she described plague real-world organizations and their security operations teams daily.

 

The Year of the Mega Breach

IBM X-Force knows the difficulties organizations face when it comes to finding time to step back from day-to-day operations to look at the big security picture. Because of this, they may be left with many unanswered questions, such as:

  • What cybercrime trends have surfaced over the last year?
  • What are the most prevalent mechanisms of attack and what steps do we need to take to mitigate those attacks?
  • Is my industry one of the most targeted in terms of attacks, and is there something to learn from those that have experienced fewer compromises?
  • Are the majority of attacks coming from inside or outside my network? Is the makeup of the insider attacks mostly malicious or inadvertent?

Read the complete IBM X-Force Threat Intelligence Index Now

Fortunately, IBM X-Force takes the guesswork out of assessing the security threat landscape for organizations with the IBM X-Force Threat Intelligence Index. To form assessments regarding the threat landscape, X-Force researchers draw on numerous data sources to include both data from monitored security clients — billions of events per year from more than 8,000 client devices in more than 100 countries — and data derived from noncustomer assets, such as spam sensors and honeynets.

The Big Security Picture

The following key trends point to a continued need to focus on security fundamentals.

  • World-changing leaks: The security landscape was rocked with unprecedented leaks of comprehensive datasets, with over 4 billion compromised records exposed.
  • Tried-and-true methods: Cybercriminals continue to favor older attack methods to gain access to valuable data and resources, including command injection, malware toolkits and ransomware.
  • Decline in attacks: The average IBM monitored security client experienced fewer attacks compared to last year, down 12 percent. But that doesn’t necessarily mean less danger; it could indicate that attackers are relying more on proven attacks, thus requiring fewer strikes.

For a closer look at the full cyberthreat landscape for 2016, download the complete IBM X-Force Threat Intelligence Index 2017.

Read the IBM X-Force Threat Intelligence Index Now

More from Threat Intelligence

Hive0147 serving juicy Picanha with a side of Mekotio

17 min read - IBM X-Force tracks multiple threat actors operating within the flourishing Latin American (LATAM) threat landscape. X-Force has observed Hive0147 to be one of the most active threat groups operating in the region, targeting employee inboxes at scale, with a primary focus on phishing and malware distribution. After a 3-month break, Hive0147 returned in July with even larger campaign volumes, and the debut of a new malicious downloader X-Force named "Picanha,” likely under continued development, deploying the Mekotio banking trojan. Hive0147…

FYSA – Critical RCE Flaw in GNU-Linux Systems

2 min read - Summary The first of a series of blog posts has been published detailing a vulnerability in the Common Unix Printing System (CUPS), which purportedly allows attackers to gain remote access to UNIX-based systems. The vulnerability, which affects various UNIX-based operating systems, can be exploited by sending a specially crafted HTTP request to the CUPS service. Threat Topography Threat Type: Remote code execution vulnerability in CUPS service Industries Impacted: UNIX-based systems across various industries, including but not limited to, finance, healthcare,…

Hive0137 and AI-supplemented malware distribution

12 min read - IBM X-Force tracks dozens of threat actor groups. One group in particular, tracked by X-Force as Hive0137, has been a highly active malware distributor since at least October 2023. Nominated by X-Force as having the “Most Complex Infection Chain” in a campaign in 2023, Hive0137 campaigns deliver DarkGate, NetSupport, T34-Loader and Pikabot malware payloads, some of which are likely used for initial access in ransomware attacks. The crypters used in the infection chains also suggest a close relationship with former…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today