IBM 2015 Cyber Security Intelligence Index


1 IBM 2015 Cyber Security Intelligence Index
2014, eventful year
Major vulnerabilities were found lurking in well-known applications, many of which had been dormant for more than 10 years.
IT departments often found themselves unprepared to patch and mitigate these threats, leaving the window for exploitation wide open and leading to a “perfect storm” of zero-day attacks, system infiltration and subsequent data loss for many organizations.

2 Security event: An event on a system or network detected by a security device or application.
Security attack: A security event that has been identified by correlation and analytics tools as malicious activity that is attempting to collect, disrupt, deny, degrade or destroy information system resources or the information itself.
Security incident: An attack or security event that has been reviewed by security analysts and deemed worthy of deeper investigation.
IBM


8 Akamai State of the Internet Report
DDOS attacks more than double what was reported last year (same quarter)
Last year the attacks were high bandwidth, short duration
This year less powerful but longer duration

9 Compared to Q2 2014
132.43% increase in total DDOS attacks
122.22% increase in application layer (Layer 7) DDOS attacks
133.66% increase in infrastructure layer (Layer 3 & 4) DDOS attacks
18.99% increase in the average attack duration vs hours
11.47% decrease in the average peak volume
100% increase in attacks > 100 Gbps


15 Cisco 2015 Security Annual Report
The Cisco 2015 Annual Security Report, which presents the research, insights, and perspectives provided by Cisco® Security Research and other security experts within Cisco, explores the ongoing race between attackers and defenders, and how users are becoming ever-weaker links in the security chain.

16 Key discoveries
Attackers have become more proficient at taking advantage of gaps in security to hide and conceal malicious activity.
► In 2014, 1 percent of high-urgency common vulnerabilities and exposures (CVE) alerts were actively exploited. This means organizations must prioritize and patch that 1 percent of all vulnerabilities quickly. But even with leading security technology, excellence in process is required to address vulnerabilities.
► Since the Blackhole exploit kit was sidelined in 2013, no other exploit kit has been able to achieve similar heights of success. However, the top spot may not be as coveted by exploit kit authors as it once was.
► Java exploits have decreased by 34 percent, as Java security improves and adversaries move to embrace new attack vectors.
► Flash malware can now interact with JavaScript to help conceal malicious activity, making it much harder to detect and analyze.
► Spam volume increased 250 percent from January 2014 to November 2014.
► Snowshoe spam, which involves sending low volumes of spam from a large set of IP addresses to avoid detection, is an emerging threat.

17 Key discoveries
Users and IT teams have become unwitting parts of the security problem.
► Online criminals rely on users to install malware or help exploit security gaps.
► Users’ careless behavior when using the Internet, combined with targeted campaigns by adversaries, places many industry verticals at higher risk of web malware exposure. In 2014, the pharmaceutical and chemical industry emerged as the number-one highest-risk vertical for web malware exposure, according to Cisco Security Research.
► Malware creators are using web browser add-ons as a medium for distributing malware and unwanted applications. This approach to malware distribution is proving successful for malicious actors because many users inherently trust add-ons or simply view them as benign.


22 IT Security Risk Survey 2014
3,900 respondents from 27 countries
Companies of all sizes

23 Key figures


26 In 2014 the number one external threat was spam; in 2013 it was malware attacks
Respondents reporting at least one targeted attack rose to 12% from 9% in 2013


29 Internal Threats

30 Data Loss, Internal incidents


32 Executive Summary

33 Attackers are moving faster, defenses are not
Within four hours of the Heartbleed vulnerability becoming public, Symantec saw a surge of attackers exploiting it.
Reaction time has not decreased at an equivalent pace
In 2014, it took 204 days, 22 days and 53 days for vendors to provide a patch for the top three most exploited zero-day vulnerabilities
The top five zero-days of 2014 were actively used by attackers for a combined 295 days before patches were available

34 14% less email towards 20% fewer targets
Attackers are streamlining and upgrading their techniques, while companies struggle to fight old tactics
8% increase in network breaches with highly targeted spear-phishing attacks
14% less email towards 20% fewer targets
More efficient
Watering hole attacks
Monitoring site visitors and targeting only the companies they wanted to attack
Trojanized software updates for specific organizations
60% of all targeted attacks struck small and medium organizations
Companies with fewer resources to invest in security

35 Cyberattackers Are Leapfrogging Defenses in Ways Companies Lack Insight to Anticipate
Deploying legitimate software onto compromised computers to continue attacks
Using commonly available crimeware to disguise themselves
Building custom attack software inside the victim's network, on the victim's own servers
Using stolen accounts from one corporate victim to spear-phish another corporate victim
Hiding inside software vendors' updates

36 Malware used in mass attacks increases and adapts
Non-targeted attacks still make up the majority of malware
26% increase
More than 317 million new pieces of malware
Almost 1 million a day
28% of all malware was “virtual machine aware”
Virtual environments do not provide any level of protection

37 Digital extortion on the rise
45 times more people had their device held hostage
Ransomware attacks grew 113%
4000% increase in crypto-ransomware attacks
$300-$500. With no guarantee their files will be freed
In 2014 crypto-ransomware was seen 45 times more frequently than in 2013

38 Cybercriminals are leveraging social networks and apps to do their dirty work
Email remains a significant vector
But there is a clear movement toward social media platforms
70% of social media scams were manually shared
People are more likely to click something posted by a friend
17% of all Android apps (nearly 1 million) were actually malware in disguise
36% of all mobile apps were grayware. Not malicious in nature but do annoying things like tracking user behavior

39 Internet of Things is not a new problem but an ongoing one
Attacks against point-of-sale systems, ATMs, and home routers continued
Network-connected devices with an embedded operating system
Theoretically they are not considered IoT
But it is not only PCs at risk
Use of smart phones as a point of control
25% of users don't know what they agreed to give access to when downloading an app
68% were willing to trade their privacy for a free app
52% of health apps (many connected to wearable devices) did not have security or a simple privacy policy in place
20% sent personal information, logins and passwords in clear text

40 Important Facts


42 DDOS more than doubled from last year

43
→ Java exploits have decreased by 34 percent, as Java security improves and adversaries move to embrace new attack vectors.
→ Flash malware can now interact with JavaScript to help conceal malicious activity, making it much harder to detect and analyze.
→ Spam volume increased 250 percent from January 2014 to November 2014.
→ Snowshoe spam, which involves sending low volumes of spam from a large set of IP addresses to avoid detection, is an emerging threat.
→ Online criminals rely on users to install malware or help exploit security gaps.

44 Spam is external threat No. 1
Malware is a close second
12% of companies had run-ins with targeted attacks. Up 3% from last year
The protection of confidential data against leakages is now the top priority for most companies

45
Within four hours of the Heartbleed vulnerability becoming public, Symantec saw a surge of attackers exploiting it.
In 2014, it took 204 days, 22 days and 53 days for vendors to provide a patch for the top three most exploited zero-day vulnerabilities
The top five zero-days of 2014 were actively used by attackers for a combined 295 days before patches were available
8% increase in network breaches with highly targeted spear-phishing attacks
14% less email towards 20% fewer targets
Using stolen accounts from one corporate victim to spear-phish another corporate victim
More than 317 million new pieces of malware
Almost 1 million a day
45 times more people had their device held hostage
Ransomware attacks grew 113%
4000% increase in crypto-ransomware attacks
$300-$500. With no guarantee their files will be freed
In 2014 crypto-ransomware was seen 45 times more frequently than in 2013

46 Email remains a significant vector
But there is a clear movement toward social media platforms
70% of social media scams were manually shared
People are more likely to click something posted by a friend
17% of all Android apps (nearly 1 million) were actually malware in disguise
36% of all mobile apps were grayware. Not malicious in nature but do annoying things like tracking user behavior
Use of smart phones as a point of control
25% of users don't know what they agreed to give access to when downloading an app
68% were willing to trade their privacy for a free app
52% of health apps (many connected to wearable devices) did not have security or a simple privacy policy in place
20% sent personal information, logins and passwords in clear text

