sb-nz logo
Story image

IBM Security X-Force reports 'record' 556% increase in breaches

30 Mar 2017

IBM Security’s 2017 X-Force Threat Intelligence Index has uncovered an unprecedented increase in the number of breaches last year - a 556% increase from 600 million to 4 billion records.

It also found more than 10,000 software vulnerabilities last year - the highest number of single-year vulnerabilities on record over IBM X-Force’s history.

The report analysed data from more than 8000 security clients across 100 countries and specialised spam sensors, honeypots and web pages. 

Spam numbers also increased 400% last year. 44% of spam contained malicious attachments and 85% of those attachments contained ransomware. 

Caleb Barlow, IBM Security’s VP of Threat Intelligence, says cybercriminals continued to innovate as ransomware evolved from a nuisance to an epidemic.

Behind the scenes, attackers are also switching things up. Unstructured data, such as email archives, documents, intellectual property and source code are becoming more attractive targets, right alongside structured data such as credit card data, passwords or personal health information.

“While the volume of records compromised last year reached historic highs, we see this shift to unstructured data as a seminal moment. The value of structured data to cybercriminals is beginning to wane as the supply outstrips the demand. Unstructured data is big-game hunting for hackers and we expect to see them monetise it this year in new ways,” Barlow says.

The report found that the healthcare sector is no longer the most targeted. It was knocked out of the top five industry attacks. 12 million healthcare records were breached, down from 100 million in 2015. This is an 88% drop over a single year. 

Instead, attackers are going after financial services. But the sector seems to be fighting back - financial services was third on the list for the amount of compromised records.

IBM Security believes this shows the financial services sector may have benefited from sustained security practices. 

Which sectors were the most vulnerable? The ICT sector experienced 3.4 billion exposed records and 85 breaches. The government sector experienced 398 million exposed records and 39 breaches. 

IBM Security says defence strategies are working. The average monitored organisation experienced 54 million security events last year, 3% more than in 2015. 

“This was marked by a 12 percent decrease year-over-year in attacks. As security systems are further tuned and new innovations like cognitive systems grow, the number of incidents overall dropped 48 percent in 2016,” the company states.

Story image
Cybersecurity market continues meteoric ascent
With the increase in cyberattacks, organisations are continuing to spend more money on security. However, without a focused cybersecurity strategy, they often spend it in the wrong areas.More
Story image
Security and operations collaboration key to success post COVID-19
“We are in an ultra-hybrid world with multi-everything, and in order to successfully navigate this landscape, ITOps, DevOps, and SecOps teams need to more closely align."More
Story image
Revealed: Imperva publishes research on decade old botnet, responsible for millions of attacks
Imperva Research Labs has revealed findings of a six-month intensive investigation into a botnet that has been exploiting CMS vulnerabilities.More
Story image
Microsoft is most imitated brand for phishing attacks in Q3
Popular phishing tactics using the Microsoft brand used email campaigns to steal credentials of Microsoft accounts, luring victims to click on malicious links which redirect them to a fraudulent Microsoft login page. More
Story image
Cisco report: Remote working is here to stay, making cybersecurity a top priority
"With this new way of working here to stay and organisations looking to increase their investment in cybersecurity, there’s a unique opportunity to transform the way we approach security as an industry to better meet the needs of our customers and end-users.”More
Story image
Entrust launches cloud-based ID issuance solution
The Sigma instant ID solution uses encryption, trusted HSM technology and secure boot to issue highly secure physical and mobile identities.More