From stolen credentials to vulnerability exploits – are you ready to counter emerging threats?

Share this post:

Author: Stephen Burmester, Asia Pacific Regional Leader, X-Force Incident Response and Intelligence Services (IRIS), IBM Security

The cyber threat landscape is constantly evolving. As countermeasures negate the effectiveness of one type of attack, malicious actors move to another threat vector. It can seem like an endless game of tit-for-tat, but by knowing what threats to expect and acting proactively you can protect your organisation from danger.

The IBM X-Force Research team runs thousands of spam traps, monitors millions of phishing and spam attacks, and analyses billions of web pages and images to detect emerging cyberattack vectors. Its annual report, the X-Force Threat Intelligence Index 2020, which has just been launched, highlights how cybercriminals are leveraging access to corporate and personal records and knowledge of software flaws to breach organisational defences.

Key findings in the IBM X-Force Intelligence Threat Index 2020:

In a surprising shift, phishing was a successful initial infection vector in less than a third of incidents in 2019, compared to half in 2018. Now, cybercriminals rely more on previously stolen credentials and known software vulnerabilities for their initial entry into victims’ environments.

Some other learnings include:

Password hygiene is more critical than ever – With more than 8.5 billion records reported breached in 2019, attackers have access to more stolen credentials than ever. These credentials are used to gain a foothold into victim environments in 29% of attacks.

Vulnerabilities are being weaponised – Scanning and exploitation jumped to 30% of initial infection incidents in 2019, from 8% in 2018. With 150,000 vulnerabilities disclosed to date, businesses aren’t patching adequately. Microsoft vulnerabilities are the most widely exploited, while 80% of ransomware attack attempts exploited SMB vulnerabilities.

Top brands are regularly spoofed – Attackers are exploiting consumers’ trust in tech brands to trick them via email and SMS phishing schemes. Google, YouTube and Apple led the most spoofed brands, with social media and streaming services also in the top 10. Phishing remains the top initial access vector.

Ransomware attackers are innovating – 36% of the ransomware code observed was novel, and popular banking trojans are increasingly being used to set the stage for ransomware attacks. While local and state governments remain a focal point for attackers, ransomware remains industry agnostic, striking a range of sectors around the world.

Configuration is key – Businesses continue to struggle with cloud security. Over 85% of the more than 8.5 billion records breached in 2019 were due to misconfigured cloud servers and other systems – a stark departure from 2018 where these records made up less than half of the total.

The IBM X-Force Threat Intelligence Index 2020 features much more insightful information about the global threat landscape to inform security professionals about the threats most relevant to their organisations.

Download the report today to discover how the IBM X-Force Research team can help you counter emerging cybersecurity threats.