IBM X-Force Threat Intelligence Index 2017
IBM X-Force Threat Intelligence Index 2017
Jie Liau, June 2017
http://w3-01.ibm.com/sales/ssi/cgi-bin/ssialias?htmlfid=WGL03140USEN
Who am I
Defining Year of Security
● More than 4 billion records were leaked in 2016
– More than the combined total from the 2 past years
– But...
– 12% decrease in attacks in 2016 compared to 2015
– 48% decrease in security incidents in 2016 compared to 2015
Huge Impact on Real World
● Panama Papers
– Prime Minister of Iceland stepped down
● Hillary Clinton email controversy
– President Trump
● Ukraine's power outage
– Took place during an ongoing Russian-Ukrainian war
– BlackEnergy3 is used by Sandworm team
● First bank ATMs cashed out
– Thailand and Europe
● Phishing
– First step to attack
● Malware
– Ransomware
● SQL Injection (SQLi)
– Yahoo / LinkedIn / Dropbox leak
● Distributed Denial of Service (DDoS)
– Not long ago, 100Gbps attacks were unprecedented
– But...
– DNS provider Dyn was attacked by Mirai botnet
– France-based hosting provider OVH was hit by 1Tbps DDoS attack, Dec 2016
– 650Gbps DDoS attack from Leet botnet
– China Great Cannon
● Undisclosed
– Exploits that do not yet have a defined signature or cannot be remediated by a software patch
● Among malicious attachments to spam, ransomware accounted for the vast majority – 85%
● Hollywood hospital pays 40 bitcoins to unlock encrypted files
Record Numbers of Vulnerability disclosures
● Web application vulnerability disclosures made up 22% of the total in 2016
Top Attack Types
● Inject unexpected items
– SQLi, OS CMDi
● Manipulate data structures
– Buffer overflow
● Indicator
– Either an attempted or a successful attack
● Employ probabilistic techniques
– Brute-force password attack
● Engage in deceptive interaction
– Phishing
● Top-Targeted Industries
● Where are the “BAD GUYS” ?
High-Level Trend
● Slow and steady wins the race
● Cyber gangs sharpen the focus on business accounts
● Commercial malware making the rounds
● Venturing into additional cybercrime realms
Extra Bonus ...
OWASP
● Open Web Application Security Project
● Free and open software security community
● OWASPBWA
– Broken Web Applications produces a virtual machine running a variety of applications with known vulnerabilities
– https://sourceforge.net/projects/owaspbwa/files/
China Great Cannon
GreatFire: https://github.com/greatfire
CN-NY Times: https://github.com/cn-nytimes/
TOR Network
● A group of volunteer-operated servers that allows people to improve their privacy and security on the internet
WannaCry
WannaCrypt0r: https://drive.google.com/xxxx/x/xxxxxxxxxxxxxxxxxxxxxxxxxxx/view?usp=sharing
Reverse: https://anhkgg.github.io/wannacry-analyze-report/
https://www.facebook.com/jie.liau
https://www.linkedin.com/in/jieliau/
https://github.com/jieliau
https://twitter.com/JieLiau
https://www.facebook.com/ibmsecurity/
https://www.linkedin.com/showcase/164263/
https://twitter.com/IBMSecurity
https://www.ibm.com/security/