IBM on the State of Security

Print

The IBM X-Force Threat Intelligence Index reveals "historic" growth for the number of records compromised in 2016-- from 600 million in 2015 to over 4 billion, an increase of 566%, thanks to a shift in cybercriminal strategies.

SecurityThe leaked records include traditional targets such as credit cards, passwords and personal health information, but IBM also notes "significant" breaches in unstructured data such as email archives, business documents, intellectual property and source code. The observations come from over 8000 monitored security clients in 100 countries and data derived from non-customer assets such as spam sensors and honeynets.

In total X-Force monitors around 8 million spam and phishing attacks daily, and analyses over 37 billion websites and images.

“Cybercriminals continued to innovate in 2016 as we saw techniques like ransomware move from a nuisance to an epidemic,” IBM Security remarks. “While the volume of records compromised last year reached historic highs, we see this shift to unstructured data as a seminal moment. The value of structured data to cybercriminals is beginning to wane as the supply outstrips the demand. Unstructured data is big-game hunting for hackers and we expect to see them monetise it this year in new ways.”

A separate IBM Security study shows ransomware is also on the up, as the promise of profits and businesses willing to pay have lead to bolder cybercriminals. The main vector for ransomware delivery is malicious attachments in spam emails, so much so spam has increased by 400% in 2016, with 44% of spam carrying malicious attachments. In turm ransomware makes 85% of said malicious attachments.

But, in some good news, IGM says the average monitored security client organisation experienced 54m security events in 2016-- an increase of 3% over 2015, marked by a -12% decrease in attacks. This is thanks to finer tuned security systems and innovations such as cognitive systems, leading to a drop in overall incidents of -48% in 2016.

Go IBM X-Force Finds Historic Number Of Records Leaked And Vulnerabilities Disclosed In 2016