MSS Threat Research Series

As threats multiply and increase in sophistication, it is more important than ever that organizations maintain awareness of current security trends.

IBM® Managed Security Services threat research reports can help you keep pace with an evolving threat landscape and learn how to protect your networks and data from the latest threats and attack vectors.

Threat reports

The IBM Managed Security Services (MSS) Threat Research Group regularly publishes in-depth reports to inform you about recent threats that could adversely affect your environment.

Current reports are available for download, using the links below. Check back often to learn about newly published reports.

At risk: the energy and utility sector infrastructure

At risk: the energy and utility sector infrastructure

From network break-ins to ransomware to seizing control of control systems, attacks against energy and utility companies are on the rise.

Security trends

Security trends in the information and communication technology industry

Attackers set their sights on customer data in the care of these organizations.

Security trends in the manufacturing industry

Security trends in the manufacturing industry

Cyber espionage and disruptions to operations lead the list of security concerns for manufacturers.

healthcare

Security trends in the healthcare industry

Learn why attackers are continuing to target the healthcare industry and how in this annual review of security trends.

financial industry

Security trends in financial services

With both money and personal information at stake, financial services organizations continue to be a magnet for cybercrime.

Keeping the lights on

The changing face of IT security in the government sector

Rising attack rates and massive breaches plague government organizations.

healthcare

The weaponization of IoT devices

Learn how cybercriminals are populating botnets with easily exploitable Internet of Things devices like security cameras, webcams and DVRs.

Security trends in the retail industry

Security trends in the retail industry

Learn about the targets, attack types and attackers in this 2016 view of security trends in the retail industry.

The importance of thwarting command injection attacks

The importance of thwarting command injection attacks

Vulnerabilities in your operating system or apps can leave your critical web servers open to penetration. Learn how to protect against this all-too-common attack.

Understanding the webshell game

Understanding the webshell game

A command injection attack, webshell, gives hackers persistent control over web servers and a way to get into networks.

Understanding the webshell game

Know your cyber enemy

Learn how you can help reduce your risk by understanding the motivations of cybercriminals and why you might be targeted.

Security trends in the transportation industry

Security trends in the transportation industry

Disruption of transportation systems or assets can impact a country’s security, public health and safety while triggering a cascade of issues across other industries. This report examines threats facing transportation providers and reviews security best practices.

Beware of older cyber attacks

Beware of older cyber attacks

For all the talk of new threats, some familiar ones, like footprinting and brute force attacks, are still in use.

encryption standards

Outdated encryption standards

Personal and financial data are at risk in transit. Learn how to update browsers and operating systems to safer encryption.

The inside story of botnets

The inside story of botnets

Does your computer have a secret life of crime? This research report shows how to defend against botnets.

A close look at blind SQL injection

A close look at blind SQL injection

Learn why this attack type continues to be a real threat for Internet-facing organizations.

Extortion by distributed denial of service attack

Extortion by distributed denial of service attack

Read how cyber criminals are using distributed denial of service (DDOS) attacks to disrupt business by preventing legitimate users from accessing websites. The new twist is adding the demand for ransom.

What Surfaces from the Deep, Dark Web

What Surfaces from the Deep, Dark Web

Read how cyber criminals are using the anonymity of the Tor network to launch SQL injection and distributed denial of service attacks against corporate networks around the globe.

The price of loyalty programs

The price of loyalty programs

Read why hackers are turning their sights to online transactions and smaller retail targets for credit card data.

What You Need to Know About Ransomware

What You Need to Know About Ransomware

Read how cyber criminals are costing organizations around the world millions by locking down data and holding it for ransom.

Security attacks on industrial control systems

Security attacks on industrial control systems

Learn how technology advances create security risks for industrial organizations

Wolf Malware Campaign

Inside the Dyre Wolf Malware Campaign

Read about a highly sophisticated new campaign targeting corporate bank accounts that has stolen upwards of a million dollars from unsuspecting companies.

Indicators of Compromise

Indicators of Compromise

Read about the digital "footprints" that attackers leave behind when they breach your systems and how you can use those artifacts to uncover advanced persistent threats.

Dangers of the Deep, Dark Web

Dangers of the Deep, Dark Web

Read about two mainstream dark webs and methods you can use to protect your organization from the criminals who use them.

Understanding the Risks of Content Management Systems

Understanding the Risks of Content Management Systems

Read about risks associated with the content management systems that organizations use to deliver web-based content.

Battling Security Threats from Within Your Organization

Battling Security Threats from Within Your Organization

Read about the risks posed by individuals inside your organization who have access to proprietary information or sensitive data.

The Perils of Phishing

The Perils of Phishing

Read how criminals use emails specifically designed to entice employees and gain entry to your network.


About the MSS Threat Research Group

The MSS Threat Research Group is comprised of experienced and skilled threat analysts in the IBM Managed Security Services organization. This elite team is dedicated to delivering industry leading cyber threat intelligence, and providing the most up-to-date research on threats, both past and present, that have the potential to negatively impact IBM customers.

Next steps

cyber-security

IBM X-Force Threat Intelligence Index

Read the 2017 report. Understand the threats.

data-breach-study

2017 Cost of Data Breach Study

Explore highlights from Ponemon's global report.

global-report

We've got your data!

Review IBM's Ransomware client guide.

Talk to an expert

IBM Security