November 18, 2015 By Michelle Alvarez

Would you seek medical treatment from someone who’s never actually practiced medicine, only studied it? What about taking your car to a mechanic who’s never performed a repair? Probably not. You’d most likely feel comfortable obtaining services only from a professional who’s had practical experience in his or her trade. So why would you seek information on the latest cybercrime trends from anyone other than those who have been in the trenches?

The Top Four Cybercrime Trends

Based on the field experience of consultants responding to security incidents, IBM Emergency Response Services (ERS) identified four key trends in cybersecurity. These trends, highlighted below, are laid out in a new infographic, “Trending Now in Cybersecurity,” along with indicators that might show you are at risk.



1. Onion-Layered Security Incidents

Investigating one event reveals an older, often significantly more damaging hidden attack. Of all the incidents the ERS team encountered, these complex situations were the most demanding of investigative time and resources to ascertain the facts, find the root causes, develop a timeline of events and provide the client with recommendations on how to resolve the issues that allowed the attackers to get into the network.

2. Ransomware

Ransomware is big business for cybercriminals, who can now hold data hostage via encryption. ERS estimated that the paths of ransomware infections are primarily unpatched vulnerabilities (No. 1), drive-by downloads (No. 2) and spear phishing emails (No. 3).

3. Malicious Insider Attacks

A disgruntled ex-employee can wreak havoc for a long time by setting up access to resources before walking out the door. Even worse, you may be leaving the door wide open for their malicious activity. The pattern that emerged showed that administrative user accountability often goes unenforced.

4. Greater Management Awareness

Want some good news? High-profile breaches have increased interest in cybercrime prevention at the management and even board level. This interest from people in positions of oversight can provide a forum for security professionals who need top-level support for needed initiatives. Is your organization taking the right steps to protect itself?

View the infographic to find out the warning signs that indicate you could be vulnerable to this year’s top threat types. It also provides a view of the questions top management is asking about security programs.
