IBM Security Intelligence Blog

Announcing the IBM X-Force 2013 Mid-Year Trend and Risk Report

For over 15 years, IBM X-Force has been tracking trends and emerging threats. Today we released the2013 mid-year trend and risk report which highlights some of our key findings.

While vulnerability statistics, attack trends, and data breaches are all covered in detail, one of the more interesting points of discussion is a look at the psychology and social engineering around how these attacks are implemented. We explore how attackers have learned to capitalize and take advantage of the human factor in trust relationships.

Attackers are optimizing tactics

Attackers are optimizing their operations around many key initiatives which include a path of least resistance to reach the largest number of potential targets for the minimal amount of exploit effort.

For example, attackers are optimizing:

  • The exploitation of trust via social media.
  • Coordinated operations leaking user data as well as exploiting weak entry points into global brands such as foreign local language or franchise sites.
  • Mobile malware with Android devices as the market expands.
  • Take over of central strategic targets to access and exploit a broader base of end users.
  • Diversion and distraction techniques which throw security administrators off path, while breaching targets under the cover. 

Targeted Attacks

Consider the following…

As technology began its meteoric rise alongside humanity, the maturity and understanding of how we react to each other face-to-face was left behind. Suddenly we were getting schooled on how to send proper emails. Companies began to initiate programs to teach human users how to use technology responses so conversations didn’t leave a harsh two-dimensional trail of requests. Users had to begin learning new phrases like spam, phishing and spear-phishing. In one quick decade, the way we create and transact business with each other had changed drastically.

How is this relevant to today’s ever changing technology?

Rise in Exploitation of Trusted Relationships

In this quickening pace of technology, it is imperative for security professionals to understand how attackers are taking advantage of trust in relationships to breach an organization, target groups of users, and create methods of diversion.

Attackers today are operating more like marketing organizations in professional enterprises by leveraging metrics such as return on investment (ROI) and search engine optimization (SEO) to gain higher click through rates with maximum reach, to ultimately optimize their capital gain.

There’s also shattered trust or diminished trust relationships that continue to affect business practice.  Some examples:

  • Enterprises who trust the correct security procedures and policies are implemented on their networks but are shown differently by high breach activity that continues.
  • Users who trust that a company is protecting their personal data.
  • Enterprises that “want to trust” the growing wave of infrastructure that is social media and mobile as it expands the fluidity of our lives.
  • Network and security admins who trust that “old attack methods and historic vulnerabilities” are not as important as other more current issues.
  • Software developers and technical, security-savvy people who visit a trusted site not thinking that they have to protect themselves from drive-by-downloads.

[Read More]