From stolen credentials to vulnerability exploits – are you ready to counter emerging threats?

Share this post:

Author: Stephen Burmester, Asia Pacific Regional Leader, X-Force Incident Response and Intelligence Services (IRIS), IBM Security

The cyber threat landscape is constantly evolving. As countermeasures negate the effectiveness of one type of attack, malicious actors move to another threat vector. It can seem like an endless game of tit-for-tat, but by knowing what threats to expect and acting proactively you can protect your organisation from danger.

The IBM X-Force Research team runs thousands of spam traps, monitors millions of phishing and spam attacks, and analyses billions of web pages and images to detect emerging cyberattack vectors. Its annual report, the X-Force Threat Intelligence Index 2020, which has just been launched, highlights how cybercriminals are leveraging access to corporate and personal records and knowledge of software flaws to breach organisational defences.

Key findings in the IBM X-Force Intelligence Threat Index 2020:

In a surprising shift, phishing was a successful initial infection vector in less than a third of incidents in 2019, compared to half in 2018. Now, cybercriminals rely more on previously stolen credentials and known software vulnerabilities for their initial entry into victims’ environments.

Some other learnings include:

Password hygiene is more critical than ever – With more than 8.5 billion records reported breached in 2019, attackers have access to more stolen credentials than ever. These credentials are used to gain a foothold into victim environments in 29% of attacks.

Vulnerabilities are being weaponised – Scanning and exploitation jumped to 30% of initial infection incidents in 2019, from 8% in 2018. With 150,000 vulnerabilities disclosed to date, businesses aren’t patching adequately. Microsoft vulnerabilities are the most widely exploited, while 80% of ransomware attack attempts exploited SMB vulnerabilities.

Top brands are regularly spoofed – Attackers are exploiting consumers’ trust in tech brands to trick them via email and SMS phishing schemes. Google, YouTube and Apple led the most spoofed brands, with social media and streaming services also in the top 10. Phishing remains the top initial access vector.

Ransomware attackers are innovating – 36% of the ransomware code observed was novel, and popular banking trojans are increasingly being used to set the stage for ransomware attacks. While local and state governments remain a focal point for attackers, ransomware remains industry agnostic, striking a range of sectors around the world.

Configuration is key – Businesses continue to struggle with cloud security. Over 85% of the more than 8.5 billion records breached in 2019 were due to misconfigured cloud servers and other systems – a stark departure from 2018 where these records made up less than half of the total.

The IBM X-Force Threat Intelligence Index 2020 features much more insightful information about the global threat landscape to inform security professionals about the threats most relevant to their organisations.

Download the report today to discover how the IBM X-Force Research team can help you counter emerging cybersecurity threats.

More Security stories

The rising cost of a data breach in 2020

By Stephen Burmester, Asia Pacific Lead – X-Force Incident Response and Intelligence Services (IRIS) Increased remote working and digital footprints have accelerated the importance of cybersecurity in today’s business world. While the cost and risk of a cybersecurity breach are increasing year-on-year, there are measures companies can take to minimise the threat. Although breaches remain […]

Continue reading

Collaborative Threat Defence with IBM and Cisco

Author: Ali Daher, IBM Security Leader A/NZ When it comes to threat defence, it’s a cluttered market out there! There are multiple security vendors and a multitude of tools to solve different security requirements. Common feedback we hear from customers is, wouldn’t it be great to: Reduce product and vendor complexity Streamline workflows between security […]

Continue reading

Cybersecurity: How to stay safe online during COVID-19

The big shift to remote working has meant huge changes in how we do our jobs, including risks we didn’t need to worry about before. COVID-19 isn’t the only pandemic we’re suffering right now. Our digital lives are under unprecedented attack and the very thing that is meant to keep us safe from the actual […]

Continue reading