IBM Security Systems IBM X-Force 2012 Annual Trend and Risk Report

Similar documents
IBM Security Network Protection Solutions

Predators are lurking in the Dark Web - is your network vulnerable?

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

May the (IBM) X-Force Be With You

SECURE YOUR APPLICATIONS, SIMPLIFY AUTHENTICATION AND CONSOLIDATE YOUR INFRASTRUCTURE

IBM Next Generation Intrusion Prevention System

Le sfide di oggi, l evoluzione e le nuove opportunità: il punto di vista e la strategia IBM per la Sicurezza

Latest View on the Threat of Information Security and Risk Management Trends

McAfee Labs Threat Report

IC B01: Internet Security Threat Report: How to Stay Protected

The New Era of Cognitive Security

Web Applications Part 1 The Weak Link in Information Security Your Last Line of Defense

ISE Cyber Security UCITS Index (HUR)

Internet Security Threat Report Volume XIII. Patrick Martin Senior Product Manager Symantec Security Response October, 2008

Building Resilience in a Digital Enterprise

AKAMAI CLOUD SECURITY SOLUTIONS

Current procedures, challenges and opportunities for collection and analysis of Criminal Justice statistics CERT-GH

Ponemon Institute s 2018 Cost of a Data Breach Study

The Scenes of Cyber Crime

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

IBM MaaS360 Kiosk Mode Settings

Are we breached? Deloitte's Cyber Threat Hunting

THE RISE OF GLOBAL THREAT INTELLIGENCE

Cybersecurity. Anna Chan, Marketing Director, Akamai Technologies

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

THE ACCENTURE CYBER DEFENSE SOLUTION

CloudSOC and Security.cloud for Microsoft Office 365

Cybersecurity. You have been breached; What Happens Next THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY

IBM Security Network Protection Solutions

MSS VSOC Portal Single Sign-On Using IBM id IBM Corporation

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

EU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux

Security Gap Analysis: Aggregrated Results

ThaiCERT Incident Response & Phishing cases in Thailand. By Kitisak Jirawannakool Thai Computer Emergency Response team (ThaiCERT)

How to Secure Your Cloud with...a Cloud?

ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION

Systemic Analyser in Network Threats

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

DMARC Continuing to enable trust between brand owners and receivers

ISAM Federation STANDARDS AND MAPPINGS. Gabriel Bell IBM Security L2 Support Jack Yarborough IBM Security L2 Support.

How NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity

IBM Security Network Protection Open Mic - Thursday, 31 March 2016

Let s Talk About Threat Intelligence

IBM Threat Protection System: XGS - QRadar Integration

COST OF CYBER CRIME STUDY INSIGHTS ON THE SECURITY INVESTMENTS THAT MAKE A DIFFERENCE

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION

Protecting Against Online Fraud. F5 EMEA Webinar August 2014

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Seqrite Endpoint Security

Intelligent and Secure Network

Q WEB APPLICATION ATTACK STATISTICS

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

ISAM Advanced Access Control

Governance Ideas Exchange

IBM Security. Endpoint Manager- BigFix. Daniel Joksch Security Sales IBM Corporation

Mitigating Security Breaches in Retail Applications WHITE PAPER

The Challenge of Spam An Internet Society Public Policy Briefing

New Zealand National Cyber Security Centre Incident Summary

A custom excerpt from Frost & Sullivan s Global DDoS Mitigation Market Research Report (NDD2-72) July, 2014 NDD2-74

Gladiator Incident Alert

How your network can take on the cloud and win. Think beyond traditional networking toward a secure digital perimeter

BUFFERZONE Advanced Endpoint Security

Provide Your Customers with a New Compute Experience

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE

Trend Micro Deep Discovery for Education. Identify and mitigate APTs and other security issues before they corrupt databases or steal sensitive data

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

Use Cases. E-Commerce. Enterprise

Security by Default: Enabling Transformation Through Cyber Resilience

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

Software & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management

Reduce Your Network's Attack Surface

Threat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems

The Credential Phishing Handbook. Why It Still Works and 4 Steps to Prevent It

Smart Attacks require Smart Defence Moving Target Defence

IBM Cloud Internet Services: Optimizing security to protect your web applications

CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

IPS with isensor sees, identifies and blocks more malicious traffic than other IPS solutions

Protecting Against Online Banking Fraud with F5

Defending Against Known & Unknown Threats

Prolexic Attack Report Q4 2011

THALES DATA THREAT REPORT

Cyber Security: Threat and Prevention

Connect Securely in an Unsecure World. Jon Clay Director: Global Threat

FIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT?

Advanced Threat Defense Certification Testing Report. Trend Micro Incorporated Trend Micro Deep Discovery Inspector

Defensible and Beyond

RiskSense Attack Surface Validation for Web Applications

Cyber Attacks & Breaches It s not if, it s When

Security Trend of New Computing Era

SYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet

Protect Your Organization from Cyber Attacks

THE KERNEL. Our in-house professional team is highly skilled in delivering cutting-edge solutions to our clients.

Machine-Powered Learning for People-Centered Security

Supply Chain Integrity and Security Assurance for ICT. Mats Nilsson

Service Provider View of Cyber Security. July 2017

Transcription:

IBM Security Systems IBM X-Force 2012 Annual Trend and Risk Report Leslie Horacek X-Force Threat Response Manager horacek@be.ibm.com April 2013 1

X-Force is the foundation for advanced security and threat research across the IBM Security Framework The mission of X-Force is to: Monitor and evaluate the rapidly changing threat landscape Research new attack techniques and develop protection for tomorrow s security challenges Educate our customers and the general public 2 IBM Security Systems

Collaborative IBM teams monitor and analyze the latest threats Coverage 20,000+ devices under contract 3,700+ managed clients worldwide 13B+ events managed per day 133 monitored countries (MSS) 1,000+ security related patents Depth 17B analyzed web pages & images 40M spam & phishing attacks 80K documented vulnerabilities Billions of intrusion attempts daily Millions of unique malware samples 3 IBM Security Systems

What are we seeing? Key Findings from the 2012 Trend Report Threats and Activity 40% increase in breach events for 2012 Sophistication is not always about technology SQL Injection, DDoS, Phishing activity increased from 2011 Java means to infect as many systems as possible Operational Security Software vulnerability disclosures up in 2012 Web application vulnerabilities surge upward XSS vulnerabilities highest ever seen at 53% Content Management Systems plug-ins provide soft target Emerging Trends Social Media leveraged for enhanced spear-phishing techniques and intelligence gathering Mobile Security should be more secure than traditional user computing devices by 2014 4 IBM Security Systems

2011: The year of the targeted attack 2011 Sampling of Security Incidents by Attack Type, Time and Impact Conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses Attack Type SQL Injection URL Tampering Spear Phishing 3 rd Party Software DDoS SecureID Trojan Software Unknown IT Security Marketing Services IT Security Size of circle estimates relative impact of breach in terms of cost to business Entertainment Consumer Electronics Defense Banking Consumer Electronics Defense Banking National Police Internet Services Gaming Gaming Central Govt Central Govt Consulting Entertainment Central Agriculture Government State Police Defense Gaming Central Government Police Central Central Government Government Entertainment State Police Telecommunic ations Consulting Consumer Electronics Financial Market Defense National Police IT Security Heavy Industry Insurance Internet Services Central Government Central Government Online Gaming Online Gaming Online Gaming Apparel Central Government Central Govt Central Government Consumer Electronics Online Gaming Online Services Online Gaming Online Services Online Gaming Government Consulting Online Gaming Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Source: IBM X-Force Research 2011 Trend and Risk Report 5 IBM Security Systems

2012: The explosion of breaches continues! 2012 Sampling of Security Incidents by Attack Type, Time and Impact Conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses Source: IBM X-Force Research 2012 Trend and Risk Report 6 IBM Security Systems

Attacker types and motivations have not changed Majority of the security incidents disclosed in 2012 were carried out by attackers going after a broad target base while using offthe-shelf tools and techniques (top left) SQL injection and DDoS continue to be tried-and-true methods of attack Attackers are opportunistic, not all APTs and state-sponsored use exotic malware and zero-day vulnerabilities 7 IBM Security Systems

Operational sophistication, not always technology sophistication 8 IBM Security Systems

Tried and true techniques - SQL and Command Injection attacks Dramatic and sustained rise in SQL injectionbased traffic Alerts came from all industry sectors, with a bias toward banking and finance targets 9 IBM Security Systems

Tried and true techniques - Distributed Denial of Service (DDoS) High profile DDoS attacks marked by a significant increase in traffic volume Implementation of botnets on compromised web servers in high bandwidth data centers 10 IBM Security Systems

Tried and true techniques - Spear-phishing against social networks Overall spam volume continues to decline, but spam containing malicious attachments is on the rise Scammers rotate the carousel of their targets focusing on social networks in 2012 11 IBM Security Systems

Botnet Command & Control Server resiliency Operational sophistication: When botnet command and control servers are taken down, other readily available networks can be put into action 12 IBM Security Systems

Why was Java one of 2012 s hottest software targets? 1. Java is cross-platform 2. Exploits written for Java vulnerabilities are very reliable and do not need to circumvent mitigations in modern OSes 3. The Java plugin runs without a sandbox making it easier to install persistent malware on the system 13 IBM Security Systems http://java-0day.com/

As a result, exploit authors and toolkits favor Java Web browser exploit kits - aka exploit packs - are built for one particular purpose: to install malware on enduser systems In 2012 we observed an upsurge in web browser exploit kit development and activity - the primary target of which are Java vulnerabilities 14 IBM Security Systems

Within 2-3 months, 3-4 exploit kits will have a Java exploit integrated CVE-2012-0507 CVE-2012-1723 CVE-2012-4681 15 IBM Security Systems

Software vulnerabilities - disclosures up in 2012 8,168 publicly disclosed vulnerabilities An increase of over 14% from 2011 16 IBM Security Systems

Public exploit disclosures not as many true exploits Continued downward trend in percentage of public exploit disclosures to vulnerabilities Slightly up in actual numbers compared to 2011 17 IBM Security Systems

Web application vulnerabilities surge upward 14% increase in web application vulnerabilities Cross-site scripting represented 53% 18 IBM Security Systems

Content Management Systems plug-ins provide soft target Attackers know that CMS vendors more readily address and patch their exposures Compared to smaller organizations and individuals producing the add-ons and plug-ins 19 IBM Security Systems

Social Media and Intelligence Gathering 50% of all websites connected to social media Enhanced spear-phishing seemingly originating from trusted friends and co-workers 20 IBM Security Systems

Mobile devices should be more secure in 2014 Mobile computing is becoming increasingly secure, based on technical controls occurring with security professionals and software development - Separation of Personas & Roles - Ability to Remotely Wipe Data - Biocontextual Authentication - Secure Mobile App Development - Mobile Enterprise App Platform (MEAP) 21 IBM Security Systems

Get Engaged with IBM X-Force Research and Development Follow us at @ibmsecurity and @ibmxforce Download X-Force security trend & risk reports http://www-03.ibm.com/security/xforce/ Subscribe to X-Force alerts at http://iss.net/rss.php or X-Force Security Insights blog at http://www.ibm.com/blogs/xforce Key Seller Contacts https://w3-connections.ibm.com/files/app?lang=en#/file/9aba0a2b-8e16-4be9-b666-7130a952db73 Robert Freeman, Manager XF Advanced Security Research rgfreem@us.ibm.com Leslie Horacek, XF Threat Response HORACEK@be.ibm.com Doron Shiloach, XF Product Manager doron@us.ibm.com Michael Hamelin, XF Security Architect michael.hamelin@us.ibm.com Clinton McFadden, XF Sr. Operations Mgr. clinjmcf@ca.ibm.com Kevin Skapinetz, Program Director Product Strategy kskap@us.ibm.com Jason Brewer, Manager XF Development jcbrewer@us.ibm.com 22 IBM Security Systems Steve Seidenberg, Manager XF Security Content sseidenb@us.ibm.com Ted Bannon, Manager XF Quality Assurance tbannon@us.ibm.com Brad Sherrill, Manager XF Data Intelligence bsherrill@us.ibm.com Ralf Iffert, Mgr, XF Content Security ralf.iffert@de.ibm.com Carsten Dietrich, Product Line Mgr, Content Security Carsten.Dietrich@de.ibm.com

ibm.com/security Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United 23 States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback