Cybercrime continues to increase every year, with seemingly no words adequate to describe it. IBM found one to describe 2015: Epic.
That’s how it described 2015 in its annual Threat Intelligence report issued Monday. All of its predictions for the year were exceeded, it noted, including more international crime, more sophisticated mobile threats, burgeoning fraud methods for new payment schemes and biometrics becoming a target.
“We expect the situation to become very intense in 2016 as more organized crime groups step up their presence in the digital realms,” the report adds.
The sophistication of attack techniques increased during the year, with advances such as overlay malware on mobile platforms, which tricks end users into providing personal data as desktop browser web injections had done in years past, it says.
Popular attack methods such as distributed-denial-of-service (DDoS) attacks continued to be used, particularly as a distraction to cover a more targeted attack technique or as a way to demand ransom.
The good news? IBM [NYSE: IBM] researchers estimate 1 billion records were leaked in 2014. By comparison, last year 600 million records were disclosed after breaches. But these included over 30 million heisted from the parent of Canadian dating site Ashley Madison, a massive breach of bureaucrat records at the U.S. Office of Personnel Management and five huge breaches at U.S. hospitals.
No one is cheering at this drop.
Theft of data records wasn’t the only problem. In addition to what is assumed to be a nation-state attack on infrastructure in Ukraine, 2015 also saw the discovery that fraudsters who infiltrated public relations news sites over five years made US$100 million using insider information gleaned from soon-to-be-published corporate press releases.
The report points out that more countries — including Canada — are requiring data breaches to be reported, so the number is likely to go up.
If there was one trend that stretched across all cybercrime domains in 2015, the report says, it was the scaling up of the magnitude and breadth of each malware-related transaction and operation. “Every type of malware cyber attack last year—from ransomware to banking Trojans, and from cyber-extortion to targeted attacks—scaled up its per-hit quota. Cybercriminals accomplished this goal by shifting some of their focus from attacking individual consumers, to targeting businesses.”
So, for example, a gang will harvest administration credentials for a corporate email server, then use social engineering to send a credible-looking email from the CEO or CFO instructing the company’s accountant or treasurer to promptly make a large wire transfer.
The report notes that toward the end of the year a security researcher uncovered a number of misconfigured NoSQL databases that exposed more than 200 million combined records.
What can be done to stem this tide? The misconfigured databases emphasize that, more than ever, basic security practices are critical to protecting end-user data, the report says.
As for other problems, “the complexities of doing business at scale, both strategic and technical, create barriers to overcome in preventing these attacks from occurring,” the report says. But, it adds, “a focus on user education and systematic protocols for operating a strong risk assessment program can provide value in that effort.”