IBM X-Force Threat Intelligence Quarterly 2Q 2014 Diana Kelley Executive Security Advisor


Presentation Transcript


  1. IBM X-Force Threat Intelligence Quarterly 2Q 2014 Diana Kelley Executive Security Advisor @DianaKelley14

  2. IBM X-Force is the foundation for advanced security and threat research across the IBM Security Framework.

  3. The Mission of X-Force is to…
     • Monitor and evaluate the rapidly changing threat landscape
     • Research new attack techniques and develop protection for tomorrow’s security challenges
     • Educate our customers and the general public
     • Deliver Threat Intelligence to make IBM solutions smarter

  4. What we tell our customers: IBM X-Force monitors and analyzes the changing threat landscape.
     Coverage / Depth
     • 20,000+ devices under contract
     • 3,700+ managed clients worldwide
     • 15B+ events managed per day
     • 133 monitored countries (MSS)
     • 1,000+ security related patents
     • 100M+ customers protected from fraudulent transactions
     • 22B analyzed web pages & images
     • 7M spam & phishing attacks daily
     • 73K documented vulnerabilities
     • 860K malicious IP addresses
     • 1000+ malware samples collected daily
     • Millions of unique malware samples

  5. We are in an era of continuous breaches.
     [Figure: timeline of security incidents, 2011 to 2013, by attack type]
     Panel captions:
     • Operational Sophistication: IBM X-Force declared Year of the Security Breach
     • Near Daily Leaks of Sensitive Data: 40% increase in reported data breaches and incidents
     • Relentless Use of Multiple Methods: 500,000,000+ records were leaked, while the future shows no sign of change
     Attack types (legend): SQL injection, Spear phishing, DDoS, Third-party software, Physical access, Malware, XSS, Watering hole, Undisclosed
     Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2014
     Note: Size of circle estimates relative impact of incident in terms of cost to business.

  6. Attackers exploit application vulnerabilities to access sensitive data.
     • Not testing puts the organization at risk of exposing valuable assets.
     • Broken authentication can result in takeover of a banking session and funds transfer as if the attacker were the legitimate user.
     • The OpenSSL bug put a huge number of websites at risk for data leakage of private and critical information.
     • Mitigating potential damages of breached user credentials, SSL certificates, and other sensitive information made cleanup a challenge.
     50% of organizations underestimate the number of web applications they have deployed.
     Test and Remediate AppVulns; Protect Web Servers; Expect the Unexpected
     • If your incident response is built around planning for the known situations, you're at a loss. Contents of random access memory (RAM) are now fair game, like data stored on the disk.

  7. Underestimating web applications is not uncommon. Broken authentication and CSRF occurred in 23% of the 900+ dynamic web app scans tested.

  8. Client requests to perform large-scale, ongoing scanning of live sites have increased.

  9. Spam continues to be a main channel of malware into company networks. In March 2014, we saw the highest levels of spam measured during the last two and a half years.

  10. Attackers are recycling old image-spam techniques to test detection and exploit email inboxes.

  11. Attackers look for creative ways to evade spam filters - again.

  12. Attackers are using doctor and medic .ru domains in these attacks. Since the beginning of February 2014, spammers have used the domains they have purchased for other, non-image based types of spam.

  13. Spam bot infections are higher in locations still reliant on Windows XP. In 16 of 20 countries researched for spambot infection, usage of Windows XP is significantly higher than the worldwide average. In some cases, usage is more than 30%.

  14. Expanded operations outside of traditional markets occur on a more frequent basis; Incident Response teams must be prepared. Driven by stiffer regulations on personal data and the importance placed on security breaches, many organizations need answers faster and more efficiently than ever before.
     • Overnight Mail: Shipping impacted systems and forensics data can be difficult.
     • Bandwidth: Data transfers can be limited by slow, unreliable connections.
     • Working Hours: Time-zone differences can impact work schedules.
     • RAM: External drives may not be available for storing RAM dump files.
     • Skill Sets: System administrators may not be trained in incident response.

  15. Connect with IBM X-Force Research & Development
     • Follow us at @ibmsecurity and @ibmxforce
     • Download IBM X-Force Threat Intelligence Quarterly Reports: http://www.ibm.com/security/xforce/
     • IBM X-Force Security Insights blog at www.SecurityIntelligence.com/x-force
