New Delhi -°C
Today in New Delhi, India

Feb 16, 2020-Sunday
-°C

Humidity
-

Wind
-

Select city

Metro cities - Delhi, Mumbai, Chennai, Kolkata

Other cities - Noida, Gurgaon, Bengaluru, Hyderabad, Bhopal , Chandigarh , Dehradun, Indore, Jaipur, Lucknow, Patna, Ranchi

Home / Tech / Cyber threat: Over 8.5 billion records compromised in 2019, says IBM

Cyber threat: Over 8.5 billion records compromised in 2019, says IBM

The new IBM report highlights how cybercriminals’ techniques have evolved after decades of access to tens of billions of corporate and personal records and hundreds of thousands of software flaws.

tech Updated: Feb 13, 2020 11:11 IST
Indo Asian News Service
Indo Asian News Service
New Delhi
Scanning and exploitation of vulnerabilities resulted in 30 per cent of observed incidents, compared to just 8 per in 2018.
Scanning and exploitation of vulnerabilities resulted in 30 per cent of observed incidents, compared to just 8 per in 2018. (Getty Images/iStockphoto)

More than 8.5 billion breached records were reported in 2019 with seven billion of them, or over 85 per cent, being due to misconfigured cloud servers and other improperly configured systems, according to a new report from IBM Security.

The report titled “IBM X-Force Threat Intelligence Index 2020” highlights how cybercriminals’ techniques have evolved after decades of access to tens of billions of corporate and personal records and hundreds of thousands of software flaws.

According to the report, 60 per cent of initial entries into victims’ networks that were observed leveraged either previously stolen credentials or known software vulnerabilities, allowing attackers to rely less on deception to gain access.

ALSO READ: Hackers are selling data of 30 million payment cards on dark web

“The cyber threat environment in India has evolved over the years. Cybercriminals continue to fall back on using their usual tricks like stolen credentials, weaponizing vulnerabilities, phishing attacks, ransomware etc in addition to discovering newer ways of hacking,” Vaidyanathan R Iyer, Security Software Leader, IBM India/South Asia, said in a statement.

WATCH: Samsung launches Galaxy Z Flip, phone folds at a vertical crease 

“Threats to sectors like financial services, retail and government continue to be the key concerns. Organizations need to take stronger measures to improve their security posture while maintaining the user experience,” Iyer said.

Phishing was a successful initial infection vector in less than one-third of the incidents observed, compared to half in 2018, said the report.

Scanning and exploitation of vulnerabilities resulted in 30 per cent of observed incidents, compared to just 8 per in 2018.

In fact, older, known vulnerabilities in Microsoft Office and Windows Server Message Block were still finding high rates of exploitation in 2019, the report revealed.

ALSO READ: Google fixes critical flaw in Android that let attackers gain access to your data using Bluetooth

The use of previously stolen credentials is also gaining ground as a preferred point-of-entry 29 per cent of the time in observed incidents, it added.

Nearly 60 per cent of the top 10 spoofed brands identified were Google and YouTube domains, while Apple (15 per cent) and Amazon (12 per cent) domains were also spoofed by attackers looking to steal users’ monetizable data, the IBM report said.