THE SAGE SECURITY BODS AT IBM have assessed last year in general and found that it was a bonanza year for vulnerability disclosures and data breaches.
We'd kinda worked that out for ourselves, but it is great to have some figures to back it up. For example, the number of security breaches increased by 566 per cent, climbing from 600 million to more than 4 billion. IBM reminds us, unnecessarily, that there were a load of high profile breaches last year.
"These leaked records include data cybercriminals have traditionally targeted like credit cards, passwords and personal health information, but IBM X-Force also noted a shift in cybercriminal strategies," it said.
"In 2016, a number of significant breaches related to unstructured data such as email archives, business documents, intellectual property and source code were also compromised."
We are just observers, of course, but IBM has a massive network of things to study this and count it all up. In fact, it boasts that the IBM X-Force Threat Intelligence Index has 8,000 monitored security clients in 100 countries and spam sensors and honeynets all over the shop In total it reckons that it traps, tracks and monitors more than eight million spam and phishing attacks a day. Show offs.
"Cybercriminals continued to innovate in 2016 as we saw techniques like ransomware move from a nuisance to an epidemic," said Caleb Barlow, Vice President of Threat Intelligence, IBM Security.
"While the volume of records compromised last year reached historic highs, we see this shift to unstructured data as a seminal moment. The value of structured data to cybercriminals is beginning to wane as the supply outstrips the demand. Unstructured data is big-game hunting for hackers and we expect to see them monetize it this year in new ways."
Let's have a little quiz then. What kind of attack do you think will be hitting you and networks over the next year?
Give yourself a pat on the back if you said ransomware. Ransomware is everywhere, and we are always hearing about shakedown artists and people that download ridiculously crap applications and invite ransomware into their lives.
"The promise of profits and businesses increasing willingness to pay empowered cybercriminals to double down on ransomware in 2016. The primary delivery method for ransomware is via malicious attachments in spam emails," says IBM.
"This fueled a 400 per cent increase in spam year over year with roughly 44 percent of spam containing malicious attachments. Ransomware made up 85 per cent of those malicious attachments in 2016."
There is some good news in the report. That is that companies that choose to use protection from a provider tend to suffer less than mugs that just chug along without adopting something like, and this is a random example, an IBM monitored security setup. µ
And, er, not much else
To serve, protect, and get incredibly hot and dusty
Symantec links attack to prolific Lazarus hacking group
Chinese firms drive global smartphone growth in first quarter