LONDON, ENGLAND - DECEMBER 02:  A staff member stands in a projection of live data feeds from (L-R) Twitter, Instagram and Transport for London by data visualisation studio Tekja at the Big Bang Data exhibition at Somerset House on December 2, 2015 in London, England. The show highlights the data explosion that's radically transforming our lives. It opens on December 3, 2015 and runs until February 28, 2016 at Somerset House.  (Photo by Peter Macdiarmid/Getty Images for Somerset House)

As Sophisticated Teams Replace Lone Hackers, Cyberattacks Become Harder to Manage: Report

Add Your Comments

Computer services was by far the top industry targeted by cyber attacks in 2015, facing more than twice as many attacks as retail, the second most common target, according to research released this week by IBM X-Force. The 2016 IBM X-Force Threat Intelligence Report shows that over 30 percent of all attacks targeted the computer services industry, and while high profile and high value breaches affected healthcare and government agencies, those industries were targets of only 9.2 and 7.4 percent of attacks, respectively.

Highly-publicized breaches like the US Office of Personnel Management demonstrate trends towards high-reward data theft and organized, professional cybercriminals. High-value, personally identifiable information including security clearance information, background check data and fingerprints were stolen in the breach. Meanwhile other breaches resulting in theft of lower value data such as email addresses demonstrate the ability of malicious organizations to leverage stolen data to perpetrate wide-scale account takeover schemes, as the nature of the cybercriminals carrying out attacks evolves.

“Organized cybercrime is no longer made up primarily of small factions, and the days of lone hackers are all but gone,” writes X-Force Senior Cybersecurity Evangelist Limor Kessem in the report. “Instead, nowadays we fight against motivated organizations that—like legitimate businesses—are divided into teams, employ highly experienced developers with deep knowledge, leverage connections and encourage collaboration. Also like businesses, these gangs are highly organized, managed by crime lords who fund the operation and deploy various types of troops to achieve their eventual success.”

Read more: IT Pros Feel More Pressure as Board-Level Cybersecurity Awareness Grows: Report

Crimeware-as-a-Service and invasive campaigns like Carbanak demonstrated the development of corporate sophistication and investment among online criminals in 2015. That sophistication is also seen in malware targeting POS systems which resulted in breaches at global hospitality brands like Trump, Starwood, and Hyatt hotels. Credit card information stolen in those breaches is still valuable to criminals, the report said, but 100 million patient records, containing data with a longer lifespan which is more difficult to replace, like Social Security numbers and health history, were stolen in five healthcare mega breaches in 2015. The increasing sophistication of the cybercriminal underground was also highlighted recently in a report by Trend Micro.

Malvertising and ransomware grew dramatically in 2015, and malware specifically targeting financial institutions in Romania and Japan were discovered. The evolution of malware also resulted in Dyre becoming even more popular than Zeus, before its own popularity fell off in November. X-Force echoes predictions of a proliferation of sophisticated malware in 2016 by FortiGuard and others.

Newsletters

Subscribe Now and Get Our Exclusive Report on "The Hosting Infrastructure Ecosystem"

Enter your email to receive messages about offerings by Penton, its brands, affiliates and/or third-party partners, consistent with Penton's Privacy Policy.

Related Forum Threads

Add Your Comments

  • (will not be published)