Shellshock Fades, Gozi Rises and Insider Threats Soar: IBM X Force Report
The IBM X-Force team examined numerous cyberthreats that shaped the threat landscape in 2017 and will continue to have an impact in 2018. The IBM X-Force Threat Intelligence Index 2018delved into some of the biggest issues the research team uncovered in the past year.
Cloud Misconfiguration Incidents Take Center Stage
Inadvertent insiders — employees who unwittingly caused security incidents through negligent actions — took center stage in 2017. According to the latest X-Force report, they were responsible for more than two-thirds of total records compromised last year. Misconfigured cloud servers and networked backup incidents unintentionally exposed more than 2 billion records, making confidential data ripe for picking.
More Highlights From the 2018 IBM X-Force Report
To uncover key trends in the 2017 cybersecurity threat landscape, such as the threat from inadvertent insiders, IBM X-Force research teams combed through and analyzed hundreds of millions of data points.
Below are a few important findings from the IBM X-Force Threat Intelligence Index 2018.
- Diminishing Shellshock attacks lead to a decline in network attacks and security incidents. Top targeted industries experienced a decline in attacks and security incidents — down 18 percent and 22 percent, respectively — in 2017 over the previous year. This decline is largely attributed to a reduction in Shellshock attacks, which is a result of the diminishing available attack surface due to patching. There were 71 percent fewer Shellshock attacks in 2017 than 2016.
- Gozi undergoes the most notable financial malware shift. The most active financial malware in 2017, Gozi (Ursnif), toppled Zeus from its No. 1 position. Gozi activity made up nearly one-fourth of the activity X-Force tracked, proving that organized crime is overtaking all other classes of threat actor in the financial malware-facilitated fraud scene.
- Destructive ransomworm attacks WannaCry, Not Petya and Bad Rabbit cost enterprises millions. Although many chief information security officers (CISOs) were already aware and concerned about crypto-ransomware, organizations faced a new breed of this threat in 2017. The X-Force report projects that this is likely to happen again in 2018.