Light Dark
November 18, 2015 By Michelle Alvarez 2 min read
Advanced Threats
X-Force

Would you seek medical treatment from someone who’s never actually practiced medicine, only studied it? What about take your car to a mechanic who’s never performed a repair? Probably not. You’d most likely feel comfortable only obtaining services from a professional who’s had practical experience in his or her trade. So why would you seek information on the latest cybercrime trends from anyone other than those who have been in the trenches?

The Top Four Cybercrime Trends

Based on the field experience of consultants responding to security incidents, IBM Emergency Response Services (ERS) identified four key trends in cybersecurity. These trends, highlighted below, are laid out in a new infographic, “Trending Now in Cybersecurity,” along with indicators that might show you are at risk.

 

Top 4 Cybercrime Trends Infographic

1. Onion-Layered Security Incidents

Investigating one event reveals an older, often significantly more damaging hidden attack. Of all the incidents the ERS team encountered, these complex situations were the most demanding of investigative time and resources to ascertain the facts, find the root causes, develop a timeline of events and provide the client with recommendations on how to resolve the issues that allowed the attackers to get into the network.

2. Ransomware

Ransomware is big business for cybercriminals, who can now hold data hostage via encryption. ERS estimated that the paths of ransomware infections are primarily unpatched vulnerabilities (No. 1), drive-by downloads (No. 2) and spear phishing emails (No. 3).

3. Malicious Insider Attacks

A disgruntled ex-employee can wreak havoc for a long time by setting up access to resources before walking out the door. Even worse, you may be leaving the door wide open for their malicious activity. The pattern that emerged showed that administrative user accountability often goes unenforced.

4. Greater Management Awareness

Want some good news? High-profile breaches have increased interest in cybercrime prevention at the management and even board level. This interest from people in positions of oversight can provide a forum for security professionals who need top-level support for needed initiatives. Is your organization taking the right steps to protect itself?

View the infographic to find out the warning signs that indicate you could be vulnerable to this year’s top threat types. It also provides a view of the questions top management is asking about security programs.

 |  |  | 
Michelle Alvarez
Manager, X-Force Strategic Threat Analysis, IBM

More from Advanced Threats
May 24, 2024

Phishing kit trends and the top 10 spoofed brands of 2023

4 min read -  The 2024 IBM X-Force Threat Intelligence Index reported that phishing was one of the top initial access vectors observed last year, accounting for 30% of incidents. To carry out their phishing campaigns, attackers often use phishing kits: a collection of tools, resources and scripts that are designed and assembled to ease deployment. Each phishing kit deployment corresponds to a single phishing attack, and a kit could be redeployed many times during a phishing campaign. IBM X-Force has analyzed thousands of…

May 16, 2024

Grandoreiro banking trojan unleashed: X-Force observing emerging global campaigns

16 min read - Since March 2024, IBM X-Force has been tracking several large-scale phishing campaigns distributing the Grandoreiro banking trojan, which is likely operated as a Malware-as-a-Service (MaaS). Analysis of the malware revealed major updates within the string decryption and domain generating algorithm (DGA), as well as the ability to use Microsoft Outlook clients on infected hosts to spread further phishing emails. The latest malware variant also specifically targets over 1500 global banks, enabling attackers to perform banking fraud in over 60 countries…

May 2, 2024

A spotlight on Akira ransomware from X-Force Incident Response and Threat Intelligence

7 min read - This article was made possible thanks to contributions from Aaron Gdanski.IBM X-Force Incident Response and Threat Intelligence teams have investigated several Akira ransomware attacks since this threat actor group emerged in March 2023. This blog will share X-Force’s unique perspective on Akira gained while observing the threat actors behind this ransomware, including commands used to deploy the ransomware, active exploitation of CVE-2023-20269 and analysis of the ransomware binary.The Akira ransomware group has gained notoriety in the current cybersecurity landscape, underscored…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature