Security Experts:

Connect with us

Hi, what are you looking for?


Incident Response

Healthcare Was Most Attacked Industry in 2015: IBM

Shellshock Vulnerability Played a Major Role in Many Attacks in 2015 

Shellshock Vulnerability Played a Major Role in Many Attacks in 2015 

The financial services industry is no longer the most targeted sector when it comes to data-stealing cyber attacks, as healthcare climbed to the top in 2015, IBM X-Force’s 2016 Cyber Security Intelligence Index reveals.

Overall, all industries had their fair share of data breaches last year, though some were targeted far more frequently than others, the report reveals. In 2015, healthcare, manufacturing and government organizations around the world were the focus of cybercriminal attacks, yet not all attackers sought direct financial gains, IBM says.

Healthcare Industry Most Targeted By Cybercriminals in 2015Despite not even making it to top five most targeted industries in 2014, healthcare managed to grab the top spot last year, as five of the top eight largest healthcare security breaches since the beginning of 2010 took place in the first half of 2015. Overall, more than 100 million healthcare records were compromised last year.

Although financial services were the most targeted industry in 2014, the segment dropped to the third position last year, while manufacturing (including automotive, electronics, textile and pharmaceutical companies) climbed to the second position. Government agencies secured the fourth position last year, with millions of employees exposed in a single breach in the US, while transportation was the fifth-most attacked industry in 2015.

The total number of security events registered last year was 35 percent lower compared to the previous year, while the number of attacks was tenfold lower. However, the number of security incidents was 64 percent higher when compared to the previous year, at 178. According to the IBM, the higher number of detected incidents is the result of improvements in detection and policy refinement.

IBM researchers also note that Shellshock, a previously reported vulnerability in the Bash shell, which is widely used on Linux, Solaris and Mac OS systems, played a major role in many of last year’s attacks. Although around for over 20 years, the flaw was disclosed only in late 2014, and IBM says that it was leveraged in multiple unauthorized access attacks last year.

The report also reveals that 60 percent of all attacks last year were carried out by insiders, regardless of whether they had malicious intent or simply served as inadvertent actors. These inadvertent actors are typically well-meaning employees who either mistakenly allow an attacker access to data or fail to pay attention to the company’s cyber security policies.

“The year 2015 was filled with serious data breaches, major attacks and an ever-flowing stream of new vulnerability reports—across the entire industry. And while financial gain is still a powerful motivator for cyber criminals, it’s by no means the only one. Last year’s attackers branched out in a big way—inflicting physical damage, stealing intellectual property and lodging political protests,” the report says.

As David Holmes, an evangelist for F5 Networks’ security solutions, explained in a SecurityWeek column earlier this year, there were a crazy number of high-profile breaches in 2015, although 2014 had been previously called the year of the “The Year of the Mega-Breach.” He also said that the security community might have reached the apex of breach awareness and is now descending into a trough of breach fatigue.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Incident Response

Implementation of security automation can be overwhelming, and has remained a barrier to adoption