Light Dark
June 2, 2015 By Pamela Cobb < 1 min read
Advanced Threats
Data Protection
X-Force

The rise of social media, cloud, mobility and big data makes insider threats harder to identify, and provide more ways to pass protected information. The average organization monitored by IBM Security Services experienced approximately 81 million security events in 2014, with 55% of attacks carried out by those who had insider access to organizations’ systems. Historically, the term “insider threat” meant that disgruntled or negligent employees were inflicting harm to the company’s assets, either physical or electronic. Today many different classifications have been identified, from inadvertent insiders to quasi-insiders like 3rd party contractors.

Key findings of the IBM X-Force Threat Intelligence Quarterly – 2Q 2015:

  • Social engineering has turned an annoyance like spam into a legitimate attack vector, as for-profit operators create and sell spam campaigns to trick inadvertent insiders to open an attachment or click on a link.
  • Through rigorous practices such as monitoring and maintenance of privileged access, enterprises can better manage and monitor users and networks for both security and compliance.
  • In the event of an incident, a thorough understanding of what transpired is essential to preventing it from happening again; learn more about network forensics and how it can benefit the investigation process.

Download the complete IBM X-Force Threat Intelligence Quarterly – 2Q 2015

Pamela Cobb
Market Segment Manager, IBM X-Force and Security Intelligence

More from Advanced Threats
November 6, 2023

GootBot – Gootloader’s new approach to post-exploitation

8 min read - IBM X-Force discovered a new variant of Gootloader — the "GootBot" implant — which facilitates stealthy lateral movement and makes detection and blocking of Gootloader campaigns more difficult within enterprise environments. X-Force observed these campaigns leveraging SEO poisoning, wagering on unsuspecting victims' search activity, which we analyze further in the blog. The Gootloader group’s introduction of their own custom bot into the late stages of their attack chain is an attempt to avoid detections when using off-the-shelf tools for C2…

August 2, 2022

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

4 min read - You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on a threat hunting exercise, however, it’s important to understand how to build, implement and mature a repeatable, internal threat hunting program. What are the components…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature
Press play to continue listening
00:00 00:00