Light Dark
January 30, 2018 By Rueben Rodriguez 2 min read
Threat Intelligence
Advanced Threats
Application Security
X-Force

How can it be that we are already through January and moving into February of the new year? I don’t know about you, but I still have a long list of resolutions to accomplish and I need to focus on what I can realistically get done in 2018.

This makes me think about how everyone in the security industry has been talking about new initiatives and goals for 2018. However, we would be remiss not to look back at the security lessons we learned and the goals we collectively accomplished in 2017. To get a head start on the new year, we should reflect on these insights and apply them to the work we need to complete in 2018.

Taking Stock of Security Lessons From 2017

So what happened in 2017 that required us to work harder and be more diligent than we thought possible? As an esteemed colleague of mine kindly reminded me, these “exercises” are simply “opportunities” to better our cybersecurity skills.

As we in IBM Security, specifically the X-Force Exchange team, take the time to look back, we can appreciate the hard work and collaboration that transpired to help make the world a safer place. Below are a few highlights and accomplishments we were proud to bring to the security industry last year.

  • We worked together to address data breaches and vulnerabilities that kept us all on our toes. A few of the big ones, such as WannaCry, NotPetya and Bad Rabbit, come to mind.
  • IBM produced the “X-Force 2017 Data Breach Review,” which revealed that:
    • Computer services and government agencies were hardest hit by breaches in terms of number of records and incidents;
    • Misconfigurations accounted for the largest number of records breached; and
    • The U.S. was the largest bull’s-eye for breaches in terms of number of incidents.
  • We grew our user base to over 50,000 security professionals around the globe representing all major industries, and provided a go-to resource to research and share threat intelligence, including both indicators of compromise and higher-order insights.
  • Our team supported the Quad9 initiative with the Packet Clearing House (PCH) and Global Cyber Alliance (GCA). We even offered a domain for anyone to use to enhance security and privacy while traversing the web.
  • We listened to our users’ feedback to further improve the user experience of the X-Force Exchange. We incorporated numerous innovations to the platform, including more robust notifications, a customizable experience and more X-Force research on current threats and vulnerabilities.

Don’t Let Your Guard Down in 2018

Even though we are proud of all the progress we made and security lessons we learned in 2017, we can’t afford to slack on our goals and resolutions for 2018. Bad actors will continue to attack our networks and exploit both known and unknown vulnerabilities. That’s why it is good to set achievable goals to ensure that we are doing everything we can to protect what is most important within our companies. It also means that, as a community of security professionals, we need to keep working together to spread security awareness and deal with whatever threats come our way.

To learn more about how you can get ahead of the next cybercriminal trend, check out the X-Force Exchange and start using it today.

Explore the IBM X-Force Exchange Now

 |  |  |  |  |  | 
Rueben Rodriguez
Product Marketing Team Lead - Threat Intelligence, IBM Security

More from Threat Intelligence
July 26, 2024

img test

7 min read - test imgWhat is Lorem Ipsum? Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type specimen book. It has survived not only five centuries, but also the leap into electronic typesetting, remaining essentially unchanged. It was popularised in the 1960s with the release of Letraset sheets containing Lorem Ipsum passages,…

November 6, 2023

GootBot – Gootloader’s new approach to post-exploitation

8 min read - IBM X-Force discovered a new variant of Gootloader — the "GootBot" implant — which facilitates stealthy lateral movement and makes detection and blocking of Gootloader campaigns more difficult within enterprise environments. X-Force observed these campaigns leveraging SEO poisoning, wagering on unsuspecting victims' search activity, which we analyze further in the blog. The Gootloader group’s introduction of their own custom bot into the late stages of their attack chain is an attempt to avoid detections when using off-the-shelf tools for C2…

October 30, 2023

Hive0051’s large scale malicious operations enabled by synchronized multi-channel DNS fluxing

12 min read - For the last year and a half, IBM X-Force has actively monitored the evolution of Hive0051’s malware capabilities. This Russian threat actor has accelerated its development efforts to support expanding operations since the onset of the Ukraine conflict. Recent analysis identified three key changes to capabilities: an improved multi-channel approach to DNS fluxing, obfuscated multi-stage scripts, and the use of fileless PowerShell variants of the Gamma malware. As of October 2023, IBM X-Force has also observed a significant increase in…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature