infographic: inside an attacker's playbook
DESCRIPTION
Inside an Attacker's Playbook: How attackers are taking advantage of the human factor New research from IBM X-Force reveals findings on the psychology of how operationally sophisticated attacks are implemented and how attackers are taking advantage of the human factor of trust relationships. >> Read the full report: http://ibm.com/security/xforce For over 15 years, IBM X-Force has been tracking trends and emerging threats. Today we released the 2013 mid-year trend and risk report which highlights some of our key findings. While vulnerability statistics, attack trends, and data breaches are all covered in detail, one of the more interesting points of discussion is a look at the psychology and social engineering around how these attacks are implemented. We explore how attackers have learned to capitalize and take advantage of the human factor in trust relationships. >> Read the full report: http://ibm.com/security/xforceTRANSCRIPT
How attackers are taking advantage of the human factor
Download the full IBM X-Force 2013 Mid-Year Trend and Risk Report to learn more about the latest vulnerability statistics, attack trends and data breaches.
In the first six months of 2013, IBM X-Force:
Social media has become the new playground
New security vulnerabilities
analyzed
New web pages andimages analyzed.
20 billion since 1999.
New or updated entries in the IBM web filter database.
81 million in total.
New, updated, or deleted signatures in the IBM spam filter database.
40 million in total.
Criminals are selling accounts. Some are stolen, some are fabricated.
55% of all scam and phishing incidents are campaigns enticing users to click on malicious links regarding emails sent from social networks, Internet payment companies, and internal scanners or fax devices
Poisoning the watering hole: targeting trusted sites
Social media has quickly become a top target for attacks and we see mobile devices expanding those targets in different ways. Attackers continue to use social media as a means to gather intelligence required for more sophisticated attacks, and are even selling accounts.
By compromising a central site and using it to serve malware, attackers are able to reach more technically savvy victims who might not be fooled in phishing attempts, but who do not suspect that the sites they trust could be malicious. High tech companies or government employees are a focus.
It’s everywhereMalicious links and malware are lurking everywhere on the Internet.
Social media: fertile ground for pre-attack intelligence gathering.
Sources:
1. http://mashable.com/2013/04/23/ap-hacked-white-house 2. http://developer.android.com/about/dashboards/index.html
© Copyright 2013. IBM, the IBM logo and ibm.com are trademarks of IBM Corp., registered in many jurisdictions worldwide.
Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available
on the web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml
INSIDE AN ATTACKER’S PLAYBOOK
New research from IBM X-Force
reveals findings on the psychology of
how operationally sophisticated
attacks are implemented and how
attackers are taking advantage of the
human factor of trust relationships.
{{
A single attack can influence millionsThe ability of a single attack to influence the actions of millions of people in real time is alarming. Attackers are targeting users and abusing trust, taking advantage of the psychology behind social media behavior.
Takeover of notable social accountsIf a Twitter user with millions of followers sends a link to an infected site, it greatly increases the odds that some percentage of people will click on it.
$200 billion from a single tweet!Compromised trusted account sent out false information about explosions at the White House, impacting millions in a matter of minutes1.
Top website categories containing malicious links
Top countries with the most disclosed breaches
Top malware hosting countries
22.7%
16.5%
7.9%
5.7%
39.2%
8%
XXX
Blogs
Search
Gambling
Personal
Other
United States
Taiwan
Japan
United Kingdom
The Netherlands
Australia
Czech Republic
UKChina
RussiaCanadaFrance
Netherlands
GermanyOtherUSA
24%
42%
24%
10%
Mobile: wherever you go, attackers will followIn the past few years, there has been an explosive growth in Android devices and malware authors are turning their attention in that area of growth. As the number of mobile users who own and operate Android devices rapidly expands, so too have malware authors increased their effort to take advantage of this larger opportunity.
Vulnerability exploitation: targeting complex application patching Many security teams struggle with vulnerability management and the complexity of patching applications or systems, the unprotected result can be exploitation and an attacker who has now gained access to your system
Top consequences of vulnerability exploitation
Android users are increasingly becoming viable targets for these types of sophisticated attacks with strong intent related to specific organizations
Viable Targets
Malware authors are investing more effort into creating Android malware that are more resilient and dangerous
ROI
Less than 6% of Android devices are running the latest version. 4.2 Android version best equipped to combat these threats2
Up to date
50%+ of all web application vulnerabilities
reported publicly were cross-site scripting (XSS)
31% of overall vulnerabilities are
for Web applications
46%+ of 3rd-party CMS plug-in vulnerabilities are left unpatched, creating many
opportunities for attacks
28% Gain access18% Cross-site scripting (XSS)
13% Denial of Service13% Obtain information
9% Bypass security7% Gain privileges
5% Data manipulation7% Other
ibm.com/security/xforce
50% 31% 46%