Computer services was by far the top industry targeted by cyber attacks in 2015, facing more than twice as many attacks as retail, the second most common target, according to research released this week by IBM X-Force. The 2016 IBM X-Force Threat Intelligence Report shows that over 30 percent of all attacks targeted the computer services industry, and while high-profile and high-value breaches affected healthcare and government agencies, those industries were targets of only 9.2 and 7.4 percent of attacks, respectively.
Highly publicized breaches like that of the US Office of Personnel Management demonstrate trends towards high-reward data theft and organized, professional cybercriminals. High-value, personally identifiable information, including security clearance information, background check data and fingerprints, was stolen in the breach. Meanwhile, other breaches resulting in theft of lower-value data such as email addresses demonstrate the ability of malicious organizations to leverage stolen data to perpetrate wide-scale account takeover schemes, as the nature of the cybercriminals carrying out attacks evolves.
“Organized cybercrime is no longer made up primarily of small factions, and the days of lone hackers are all but gone,” writes X-Force Senior Cybersecurity Evangelist Limor Kessem in the report. “Instead, nowadays we fight against motivated organizations that—like legitimate businesses—are divided into teams, employ highly experienced developers with deep knowledge, leverage connections and encourage collaboration. Also like businesses, these gangs are highly organized, managed by crime lords who fund the operation and deploy various types of troops to achieve their eventual success.”
Crimeware-as-a-Service and invasive campaigns like Carbanak demonstrated the development of corporate sophistication and investment among online criminals in 2015. That sophistication is also seen in malware targeting POS systems which resulted in breaches at global hospitality brands like Trump, Starwood, and Hyatt hotels. Credit card information stolen in those breaches is still valuable to criminals, the report said, but 100 million patient records, containing data with a longer lifespan which is more difficult to replace, like Social Security numbers and health history, were stolen in five healthcare mega breaches in 2015. The increasing sophistication of the cybercriminal underground was also highlighted recently in a report by Trend Micro.
Malvertising and ransomware grew dramatically in 2015, and malware specifically targeting financial institutions in Romania and Japan was discovered. The evolution of malware also resulted in Dyre becoming even more popular than Zeus, before its own popularity fell off in November. X-Force echoes predictions of a proliferation of sophisticated malware in 2016 by FortiGuard and others.