Would you seek medical treatment from someone who’s never actually practiced medicine, only studied it? What about take your car to a mechanic who’s never performed a repair? Probably not. You’d most likely feel comfortable only obtaining services from a professional who’s had practical experience in his or her trade. So why would you seek information on the latest cybercrime trends from anyone other than those who have been in the trenches?

The Top Four Cybercrime Trends

Based on the field experience of consultants responding to security incidents, IBM Emergency Response Services (ERS) identified four key trends in cybersecurity. These trends, highlighted below, are laid out in a new infographic, “Trending Now in Cybersecurity,” along with indicators that might show you are at risk.


Top 4 Cybercrime Trends Infographic

1. Onion-Layered Security Incidents

Investigating one event reveals an older, often significantly more damaging hidden attack. Of all the incidents the ERS team encountered, these complex situations were the most demanding of investigative time and resources to ascertain the facts, find the root causes, develop a timeline of events and provide the client with recommendations on how to resolve the issues that allowed the attackers to get into the network.

2. Ransomware

Ransomware is big business for cybercriminals, who can now hold data hostage via encryption. ERS estimated that the paths of ransomware infections are primarily unpatched vulnerabilities (No. 1), drive-by downloads (No. 2) and spear phishing emails (No. 3).

3. Malicious Insider Attacks

A disgruntled ex-employee can wreak havoc for a long time by setting up access to resources before walking out the door. Even worse, you may be leaving the door wide open for their malicious activity. The pattern that emerged showed that administrative user accountability often goes unenforced.

4. Greater Management Awareness

Want some good news? High-profile breaches have increased interest in cybercrime prevention at the management and even board level. This interest from people in positions of oversight can provide a forum for security professionals who need top-level support for needed initiatives. Is your organization taking the right steps to protect itself?

View the infographic to find out the warning signs that indicate you could be vulnerable to this year’s top threat types. It also provides a view of the questions top management is asking about security programs.

more from Advanced Threats

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on a threat hunting exercise, however,…

World’s Largest Darknet Market Shut Down, $25 Million in Bitcoin Seized

On April 5, German authorities announced the takedown of the Hydra marketplace, the world’s largest darknet market trading in illicit drugs, cyberattack tools, forged documents and stolen data. The criminal operation, with about 17 million customer accounts, raked in billions in bitcoin before getting shut down. On its website, the Federal Criminal Police Office (BKA) stated it had secured and…