Key Findings from the IBM X-Force Threat Intelligence Index 2018

IBM Security X-Force 2018 Threat Intelligence

SIEM solution provider IBM Security recently unveiled the IBM X-Force Threat Intelligence Index 2018, wherein they compiled and synthesized their global customer security event data from 2017. As always, IBM’s findings were surprising, insightful, and at times disturbing for enterprises concerned about their cybersecurity. Above all, the SIEM solution provider does not predict a slowdown in cybercrime—losses to cybercrime will cost enterprises between $2.1 trillion in 2019 and $6 trillion by 2021.

Here’s what IBM Security determined about the digital threat landscape in 2017:

  • Ransomware and ransomworm (like WannaCry) cost enterprises $8 billion. This includes both paying the ransomware and in the inherent network downtime resulting from an attack.
  • IBM recorded 2.9 billion records leaked in 2017. However, their findings only apply to publicly disclosed breaches. The actual number could be much higher. Yet IBM contends that records breaches declined in favor of ransomware.
  • Shellshock attacks declined 71% in 2017; patches have decreased that particular attack vector. Top targeted industries did see a notable decline in attacks and digital security incidents.
  • Injection attacks doubled in 2017, representing 79% of malicious attacks on enterprises. Other attack vectors included engaging deceptive interaction, manipulate system resources, manipulate data structures, and abusing existing functionality.
  • Most injection techniques try to upload malware to enterprise networks without user interaction.
  • ⅔ of record breaches in 2017 resulted from accidental or inadvertent insider threats. There has been a marked increase from such accidental damage. Spearphishing was the root cause of ⅓ of accidental insider threats.     

IBM Security notes that financial services were the top targeted industry for cybercrime once again, with other major targets including information and communications technology, manufacturing, retail, and professional services. The SIEM Solution Provider also noted that many of the injection attacks involved cryptocurrency mining (cryptojacking) attacks, which saw growth in 2017 and into 2018.

SIEM solutions should be on the lookout for an increase of ransomware and ransomworm attacks, mobile malware, and cryptocurrency attacks.

You can download the full report here.


Ben Canner

Leave a Reply

Your email address will not be published. Required fields are marked *