On March 29, IBM Security announced results from the 2017 IBM X-Force Threat Intelligence Index which found the number of records compromised grew a historic 566 percent in 2016 from 600 million to more than 4 billion. These leaked records included data cybercriminals have traditionally targeted like credit cards, passwords and personal health information, but IBM X-Force also noted a shift in cybercriminal strategies. In 2016, a number of significant breaches were related to unstructured data such as e-mail archives, business documents, intellectual property and source code.
The IBM X-Force Threat Intelligence Index is based on observations from more than 8,000 monitored security clients in 100 countries and data derived from non-customer assets such as spam sensors and honeynets in 2016. IBM X-Force runs network traps around the world and monitors more than eight million spam and phishing attacks daily while analyzing more than 37 billion web pages and images.
"Cybercriminals continued to innovate in 2016 as we saw techniques like ransomware move from a nuisance to an epidemic," said Caleb Barlow, Vice President of Threat Intelligence, IBM Security. "While the volume of records compromised last year reached historic highs, we see this shift to unstructured data as a seminal moment. The value of structured data to cybercriminals is beginning to wane as the supply outstrips the demand. Unstructured data is big-game hunting for hackers and we expect to see them monetize it this year in new ways."
In a separate study last year, IBM Security found 70 percent of businesses hit by ransomware paid over $10,000 to regain access to business data and systems. In the first three months of 2016, the FBI estimated cybercriminals were paid a reported $209 million via ransomware. This would suggest that criminals made nearly $1 billion from their use of the malware just last year.
The promise of profits and the increasing willingness of businesses to pay allowed cybercriminals to invest a lot of time on ransomware in 2016. The primary delivery method for ransomware is via malicious attachments in spam e-mails. This fueled a 400 percent increase in spam year over year with roughly 44 percent of spam containing malicious attachments. Ransomware made up 85% of those malicious attachments in 2016.
You can download a copy of the 2017 IBM X-Force Threat Index here.
E-mail: firstname.lastname@example.org Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology