Shellshock Vulnerability Played a Major Role in Many Attacks in 2015
The financial services industry is no longer the most targeted sector when it comes to data-stealing cyber attacks, as healthcare climbed to the top in 2015, IBM X-Force’s 2016 Cyber Security Intelligence Index reveals.
Overall, all industries had their fair share of data breaches last year, though some were targeted far more frequently than others, the report reveals. In 2015, healthcare, manufacturing and government organizations around the world were the focus of cybercriminal attacks, yet not all attackers sought direct financial gains, IBM says.
Despite not even making it into the top five most targeted industries in 2014, healthcare managed to grab the top spot last year, as five of the top eight largest healthcare security breaches since the beginning of 2010 took place in the first half of 2015. Overall, more than 100 million healthcare records were compromised last year.
Although financial services were the most targeted industry in 2014, the segment dropped to the third position last year, while manufacturing (including automotive, electronics, textile and pharmaceutical companies) climbed to the second position. Government agencies secured the fourth position last year, with millions of employees exposed in a single breach in the US, while transportation was the fifth-most attacked industry in 2015.
The total number of security events registered last year was 35 percent lower than in the previous year, while the number of attacks was tenfold lower. However, the number of security incidents was 64 percent higher when compared to the previous year, at 178. According to IBM, the higher number of detected incidents is the result of improvements in detection and policy refinement.
IBM researchers also note that Shellshock, a previously reported vulnerability in the Bash shell, which is widely used on Linux, Solaris and Mac OS systems, played a major role in many of last year’s attacks. Although it had been around for over 20 years, the flaw was disclosed only in late 2014, and IBM says that it was leveraged in multiple unauthorized access attacks last year.
The report also reveals that 60 percent of all attacks last year were carried out by insiders, regardless of whether they had malicious intent or simply served as inadvertent actors. These inadvertent actors are typically well-meaning employees who either mistakenly allow an attacker access to data or fail to pay attention to the company’s cyber security policies.
“The year 2015 was filled with serious data breaches, major attacks and an ever-flowing stream of new vulnerability reports—across the entire industry. And while financial gain is still a powerful motivator for cyber criminals, it’s by no means the only one. Last year’s attackers branched out in a big way—inflicting physical damage, stealing intellectual property and lodging political protests,” the report says.
As David Holmes, an evangelist for F5 Networks' security solutions, explained in a SecurityWeek column earlier this year, there were a crazy number of high-profile breaches in 2015, although 2014 had previously been called “The Year of the Mega-Breach.” He also said that the security community might have reached the apex of breach awareness and is now descending into a trough of breach fatigue.