IBM Security Report: Entering the era of the 'customized' attack

Twitter icon
Facebook icon
LinkedIn icon
e-mail icon
Google icon

Emails containing viruses and 'customized' criminal security attacks are on the rise by 50 percent in the first half of this year, with the primary targets being the government, financial services, manufacturing, healthcare industries, and multinational corporations. Those are the findings of IBM's Global Business Security Index, a worldwide barometer of security trends collected and analyzed by the company's Global Security Intelligence team and its partners, IBM said.
   
The report indicates that there has been a substantial up shoot of 'for profit' attacks which target specific organizations and industries with the aim of swiping important data, identities or extortion. Particularly vulnerable to attack, according to the report, are the aerospace, petroleum, and manufacturing industries.  
    
According to the report, there were more than 237 million overall security attacks in the first half of the year. The government was the most targeted industry, with more than 54 million attacks, while manufacturing ranked second with 36 million attacks. Coming in third was financial services with approximately 34 million. Healthcare was hit with more than 17 million attacks -- accounting for more than 137 million of all attacks this year.
    
Additionally, IBM has seen a resurgence of targeted phishing attacks for money laundering and identity fraud purposes, believed to be largely driven by criminal gangs that have become more astute in the creation and delivery of such attacks. According to its latest Global Business Security Index, in the first half of the year there were more than 35 million phishing attacks launched to steal critical data and personal information for financial gains.
    
Attacks such as  'spear phishing,' which are highly targeted and coordinated attacks at a specific organization or individual designed to gain critical data have shot up by more than ten-fold since January. This variety of attack has been known to defraud businesses, steal identities and intellectual property and extort money, and otherwise causing more permanent damage than has been previously associated with viruses.
    
The levels of ordinary virus sent this year has dropped, which appeared to be a good sign, but it seems clear that this is simply because hackers have changed their focus and moved to more criminal and lucrative areas of directing attacks to specific individuals or organizations.