1
IBM 2016 Cyber Security Intelligence Index
2
And you thought you could trust her/him
3
Definitions
- Security event: An event on a system or network detected by a security device or application.
- Security attack: A security event that has been identified by correlation and analytics tools as malicious activity that is attempting to collect, disrupt, deny, degrade or destroy information system resources or the information itself.
- Security incident: An attack or security event that has been reviewed by security analysts and deemed worthy of deeper investigation.
IBM
4
Fewer Attacks, More Incidents
5
Attacks by industry
- Five of the eight largest healthcare security breaches since 2010 took place in 2015
- In 2015 over 100 million healthcare records were compromised
6
Nature of the incidents
Shellshock, a 20-year-old vulnerability, was very popular
7
Cisco 2015 Security Annual Report
8
Users becoming the weakest link
The Cisco 2016 Annual Security Report—which presents research, insights, and perspectives from Cisco Security Research—highlights the challenges that defenders face in detecting and blocking attackers who employ a rich and ever-changing arsenal of tools.
9
Major developments and discoveries
- The largest Angler exploit kit operation in the United States, and SSHPsychos, one of the largest distributed denial of service (DDoS) botnets, were identified and weakened considerably. Thanks to the collaboration of the industry: Cisco, Level 3 Threat Research Lab, Limestone
- Malicious browser extensions can be a major source of data leakage for businesses and are a widespread problem. We estimate that more than 85 percent of organizations studied are affected by malicious browser extensions.
- Well-known botnets like Bedep, Gamarue, and Miuref represented the majority of botnet command-and-control activity.
- Cisco’s analysis of malware validated as “known bad” found that the majority of that malware (91.3%) uses the Domain Name Service (DNS) to carry out attacks.
10
Major developments and discoveries
- HTTPS has reached a tipping point: it will soon become the dominant form of Internet traffic
- It protects customers but makes it harder for the security community to track threats
- Many sites created with WordPress are compromised and used by bad actors
- Aging infrastructure is growing and leaves organizations increasingly vulnerable to compromise. Out of 115,000 Cisco devices analyzed:
  - 92% were running software with known vulnerabilities
  - 31% are “end of sale”
  - 8% are “end of life”
- 59% of organizations said their security infrastructure was “very up to date” (64% in 2014)
- 48% of SMBs said they used web security (59% in 2014)
- 29% of SMBs said they used patching and configuration tools (39% in 2014)
12
Symantec Global Intelligence Network
- 63.8 million attack sensors
- Records thousands of events per second
- 157 countries
- Combination of Symantec products and services: DeepSight Intelligence, Managed Security Services, Norton consumer products, other third-party data sources and decoy accounts
- 74,180 recorded vulnerabilities (over more than two decades)
13
Zero Day Vulnerabilities
A new zero-day vulnerability was discovered on average each week in 2015
- 54 in 2015
- 23 in 2013 (more than double than 2012)
- 24 in 2014
The hunt for zero days is being professionalized.
- When The Hacking Team was exposed in as having at least six zero-days in its portfolio
- Four of the five most exploited zero-day vulnerabilities in 2015 were Adobe Flash
- They target popular software
14
Personal Information Stolen
- Over half a billion personal records in 2015
- A lot of companies are not reporting the full extent of their data breaches
- 85% increase
- 429 million reported
- 23% increase
- Nine mega-breaches in 2015
- Mega-breach → more than 10 million records
- In million were exposed in one mega-breach
- Companies choosing to hold back critical details is a disturbing trend
- Transparency is critical to security
15
Web sites
Web administrators still struggle to stay current on patches
- Over one million web attacks against people each and every day in 2015
- Cybercriminals continue to take advantage of vulnerabilities in legitimate websites to infect users because website administrators fail to secure their websites
- More than 75% of all legitimate websites have unpatched vulnerabilities.
- 15% of legitimate websites have vulnerabilities deemed ‘critical’
- It takes trivial effort for cybercriminals to gain access and manipulate these sites for their own purposes
16
Spear-Phishing Attacks
- Targeting employees increased 55% in 2015
- Steady increase in attacks targeting businesses with less than 250 employees
- 43% increase
- One company of 35 employees was a victim. The attacker was a competitor which hid in the network for two years, stealing customer and pricing information
- No business is without risk
- The Butterfly gang steals information to use in stock manipulation.
17
Ransomware
- 35% increase in 2015
- It is evolving
  - Locker-style → Crypto-style
  - It moved from PCs to smart phones
  - Mac and Linux systems were also attacked
- Symantec demonstrated (proof-of-concept) attacks on smart watches and TV sets
18
Fake technical support
- Symantec blocked 100 million fake technical support scams in 2015
- Discovered first in 2010
- Has evolved from cold-calling unsuspecting victims to the attacker fooling victims into calling them directly
  - Pop-ups that alert of a serious problem
  - Steering the victim to an 800 number
  - Where a “technical support representative” is waiting
- Netflix expanded into new countries
  - Accounts sold in the black market
  - The account information was stolen via phishing or malware
22
Web based attacks
23
Geography of Web-based attacks
24
Geography of local threats
25
Vulnerable applications used in attacks Corporate Users
26
Vulnerable applications used in attacks Home Users
27
Type of attacked applications
28
Ransomware
29
Predictions
- No more APTs
  - Advanced Persistent Threat
  - To reduce traces left to avoid detection
- Ransomware continues
  - To other platforms (Linux, Mobile, OS X)
  - How much would you be willing to pay to regain access to your TV programming? Your fridge? Your car?
- Financial crimes at the highest level
  - POS, ATM
  - ApplePay and AndroidPay
30
Predictions
Attacks on Security Vendors
- IDA and Hiew
- OllyDbg and WinDbg
- VMware and VirtualBox
- GitHub
- PGP