IBM Security has released the IBM X-Force Threat Intelligence Index 2020 to provide insight into how cybercriminals' techniques have evolved after decades of access to over 10 billion corporate and personal records and more than 100 thousand software flaws, the company reported on Tuesday.
IBM X-Force conducted its report based on insights and observations from monitoring 70 billion security events per day in more than 130 countries. In addition, data is gathered and analyzed from multiple sources including X-Force IRIS, X-Force Red, IBM Managed Security Services, and publicly disclosed data breach information.
"The amount of exposed records that we're seeing today means that cybercriminals are getting their hands on more keys to our homes and businesses. Attackers won't need to invest time to devise sophisticated ways into a business; they can deploy their attacks simply by using known entities, such as logging in with stolen credentials," said Wendi Whitmore vice president of IBM X-Force Threat Intelligence.
IBM’s report recognized the trends in ransomware attacks worldwide in the public and private sectors. The company shows the growth ransomware activity in 2019. IBM X-Force has deployed its incident response team to ransomware incidents in 13 different industries worldwide.
The company also stated that as consumers become more aware of phishing emails, phishing tactics by hackers become more targeted. With Quad9, IBM observed a squatting trend in phishing campaigns. The report showed that attackers have impersonated consumer tech brands with tempting links, using tech, social media and content streaming companies to click links in phishing attempts.
The report marked three key highlights, including Configure it Out, Banking on Ransomware and Tech Trust Takeover for Phishing, to help industry leaders discover pitfalls in cyber industries. IBM’s research revealed that of the more than 8.5 billion breached records reported in 2019 and over 85%, were due to misconfigured cloud servers and other improperly configured systems.
IBM has shown that the most active banking leaders found in this year's report, such as TrickBot, were increasingly observed to insight ransomware attacks. Additionally, novel code used by banking trojans and ransomware ranked highest compared to other malware variants discussed in the report.
IBM X-Force has reported that tech, social media and content streaming household brands make up the "Top 10" spoofed brands that cyber attackers impersonate in phishing attempts. Hackers utilize the trust put in technology providers over notable retail and financial brands, including Google, YouTube and Apple.
"Protection measures, such as multi-factor authentication and single sign-on, are important for the cyber resilience of organizations and the protection and privacy of user data," Whitmore concluded.
About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world's broadest security research, development and delivery organizations, monitors 70 billion security events per day in more than 130 countries, and has been granted more than 10,000 security patents worldwide.