INFOGRAPHIC: Inside an Attacker's Playbook


Published on

Inside an Attacker's Playbook: How attackers are taking advantage of the human factor

New research from IBM X-Force reveals findings on the psychology of how operationally sophisticated attacks are implemented and how attackers are taking advantage of the human factor of trust relationships.

>> Read the full report:

For over 15 years, IBM X-Force has been tracking trends and emerging threats. Today we released the 2013 mid-year trend and risk report which highlights some of our key findings.

While vulnerability statistics, attack trends, and data breaches are all covered in detail, one of the more interesting points of discussion is a look at the psychology and social engineering around how these attacks are implemented. We explore how attackers have learned to capitalize and take advantage of the human factor in trust relationships.

>> Read the full report:

Published in: Technology
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

INFOGRAPHIC: Inside an Attacker's Playbook

  1. 1. How attackers are taking advantage of the human factor Download the full IBM X-Force 2013 Mid-Year Trend and Risk Report to learn more about the latest vulnerability statistics, attack trends and data breaches. In the first six months of 2013, IBM X-Force: Social media has become the new playground New security vulnerabilities analyzed New web pages and images analyzed. 20 billion since 1999. New or updated entries in the IBM web filter database. 81 million in total. New, updated, or deleted signatures in the IBM spam filter database. 40 million in total. Criminals are selling accounts. Some are stolen, some are fabricated. 55% of all scam and phishing incidents are campaigns enticing users to click on malicious links regarding emails sent from social networks, Internet payment companies, and internal scanners or fax devices Poisoning the watering hole: targeting trusted sites Social media has quickly become a top target for attacks and we see mobile devices expanding those targets in different ways. Attackers continue to use social media as a means to gather intelligence required for more sophisticated attacks, and are even selling accounts. By compromising a central site and using it to serve malware, attackers are able to reach more technically savvy victims who might not be fooled in phishing attempts, but who do not suspect that the sites they trust could be malicious. High tech companies or government employees are a focus. It’s everywhere Malicious links and malware are lurking everywhere on the Internet. Social media: fertile ground for pre-attack intelligence gathering. Sources: 1. 2. © Copyright 2013. IBM, the IBM logo and are trademarks of IBM Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at INSIDE AN ATTACKER’S PLAYBOOK New research from IBM X-Force reveals findings on the psychology of how operationally sophisticated attacks are implemented and how attackers are taking advantage of the human factor of trust relationships. { { A single attack can influence millions The ability of a single attack to influence the actions of millions of people in real time is alarming. Attackers are targeting users and abusing trust, taking advantage of the psychology behind social media behavior. Takeover of notable social accounts If a Twitter user with millions of followers sends a link to an infected site, it greatly increases the odds that some percentage of people will click on it. $200 billion from a single tweet! Compromised trusted account sent out false information about explosions at the White House, impacting millions in a matter of minutes1 . Top website categories containing malicious links Top countries with the most disclosed breaches Top malware hosting countries 22.7% 16.5% 7.9% 5.7% 39.2% 8% XXX Blogs Search Gambling Personal Other United States Taiwan Japan United Kingdom The Netherlands Australia Czech Republic UK China Russia Canada France Netherlands GermanyOtherUSA 24% 42% 24% 10% Mobile: wherever you go, attackers will follow In the past few years, there has been an explosive growth in Android devices and malware authors are turning their attention in that area of growth. As the number of mobile users who own and operate Android devices rapidly expands, so too have malware authors increased their effort to take advantage of this larger opportunity. Vulnerability exploitation: targeting complex application patching Many security teams struggle with vulnerability management and the complexity of patching applications or systems, the unprotected result can be exploitation and an attacker who has now gained access to your system Top consequences of vulnerability exploitation Android users are increasingly becoming viable targets for these types of sophisticated attacks with strong intent related to specific organizations Viable Targets Malware authors are investing more effort into creating Android malware that are more resilient and dangerous ROI Less than 6% of Android devices are running the latest version. 4.2 Android version best equipped to combat these threats2 Up to date 50%+ of all web application vulnerabilities reported publicly were cross-site scripting (XSS) 31% of overall vulnerabilities are for Web applications 46%+ of 3rd-party CMS plug-in vulnerabilities are left unpatched, creating many opportunities for attacks 28% Gain access 18% Cross-site scripting (XSS) 13% Denial of Service 13% Obtain information 9% Bypass security 7% Gain privileges 5% Data manipulation 7% Other 50% 31% 46%