1
Breaches Without Borders: 2015 Year in Review Malware crossing We saw several incidents of malware crossing borders into new regions in 2015, which requires significant investment and sophistication for the cybercrime gangs to execute: July August September November December Dyre Trojan appears in Spain Tinba sets sights on Romania Gozi moves into Bulgaria Shifu spreads to the UK Tinba hits Russia Dyre retools for Australia Dridex aims at new Australian targets Zeus Chtonik enables a screen grabber in Australia URLZone 2 re-emerges in the cybercrime arena, targets the UK, Poland, Hungary Rovnix invades Japan October Malware leaps across target countries are indicative of increasing sophistication and organization in crime rings because they require more than simple changes to configuration files. Does your security earn a passing grade? Cybercriminals moved to the top of the class in 2015, but a failure in security fundamentals put the industry at risk with massive breaches of highly sensitive data. Attack types Brute force Watering hole Physical access Phishing SQLi Malvertising Misconfig. DDoS Malware Undisclosed January February March April May June July August September October November December The year opened with the first of five healthcare mega-breaches. Sensitive personal info leaked from a dating website provided attackers high value data used for extortion and other social engineering attacks. Misconfigured NoSQL databases publicly exposed over 210M records from companies spanning several industries. Size of circle estimates relative impact of incident in terms of cost to business, based on publicly disclosed information regarding leaked records and financial losses. Breaches without borders Also notable was the number of high-profile incidents around the world with significant breaches in Canada, Australia, the United Kingdom, France, Turkey and Japan. Canada • Popular dating and social community websites were breached, exposing sensitive personal data. Carbanak Global Heist • More than USD1B stolen from 100+ banks in 30 countries. Japan • Over 1M private citizen records exposed personal information. France • Phishing emails started a chain of events that led to 11 TV channels to be off air for 19+ hours. Turkey • 50M+ Turkish citizens had their national identity information leaked. Australia and the United Kingdom • Millions of customer records leaked from large retail chain. Is your security keeping pace with the growing sophistication of cybercrime organizations? To learn more, visit ibm.com/security/xforce © Copyright IBM Corporation 2016. IBM, the IBM logo, ibm.com and X-Force are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at www.ibm.com/legal/copytrade. Source: IBM X-Force Threat Intelligence Report - 2016
