Contenu connexe Plus de IBM Security (20) Breaches Without Borders: 2015 Year in Review from IBM X-Force1. Breaches Without Borders:
2015 Year in Review
Malware crossing
We saw several incidents of malware crossing borders into new regions in 2015, which
requires significant investment and sophistication for the cybercrime gangs to execute:
July August September November December
Dyre Trojan
appears in Spain
Tinba sets sights
on Romania
Gozi moves into
Bulgaria
Shifu spreads to
the UK
Tinba hits Russia
Dyre retools for
Australia
Dridex aims at
new Australian
targets
Zeus Chtonik
enables a
screen grabber
in Australia
URLZone 2
re-emerges in the
cybercrime
arena, targets the
UK, Poland,
Hungary
Rovnix invades
Japan
October
Malware leaps across target countries are
indicative of increasing sophistication and
organization in crime rings because they
require more than simple changes to
configuration files.
Does your security earn a passing grade?
Cybercriminals moved to the top of the class in 2015, but a failure in security fundamentals put
the industry at risk with massive breaches of highly sensitive data.
Attack types
Brute force Watering hole Physical
access
Phishing SQLi Malvertising Misconfig. DDoS Malware Undisclosed
January February March April May June July August September October November December
The year opened with the
first of five healthcare
mega-breaches.
Sensitive personal info leaked from a dating
website provided attackers high value data
used for extortion and other social
engineering attacks.
Misconfigured NoSQL databases publicly
exposed over 210M records from
companies spanning several industries.
Size of circle estimates relative impact of incident in terms of cost to business, based on publicly disclosed information regarding leaked records and financial losses.
Breaches without borders
Also notable was the number of high-profile incidents around the world with significant breaches in
Canada, Australia, the United Kingdom, France, Turkey and Japan.
Canada
• Popular dating and social
community websites were
breached, exposing sensitive
personal data.
Carbanak Global Heist
• More than USD1B stolen from 100+ banks in
30 countries.
Japan
• Over 1M private citizen
records exposed personal
information.
France
• Phishing emails started a
chain of events that led to 11
TV channels to be off air for
19+ hours.
Turkey
• 50M+ Turkish citizens had their
national identity information leaked.
Australia and
the United Kingdom
• Millions of customer records
leaked from large retail chain.
Is your security keeping pace with the growing
sophistication of cybercrime organizations?
To learn more, visit ibm.com/security/xforce
© Copyright IBM Corporation 2016. IBM, the IBM logo, ibm.com and X-Force are trademarks of International Business Machines
Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or
other companies. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at
www.ibm.com/legal/copytrade.
Source: IBM X-Force Threat Intelligence Report - 2016