As more companies increase their cybersecurity measures and awareness, cybercriminals have started altering their techniques to focus more on return on investment, according to IBM's "2019 X-Force Threat Intelligence Index" report.
The report is based on observations from 70 billion security events that occurred per day between Jan. 1, 2018, and Dec. 31, 2018, across more than 130 countries. Data is analyzed from multiple sources, including IBM Managed Security Services and X-Force Incident Response and Intelligence Services.
Five things to know:
1. The report details two major shifts among cybercriminals: a decreased reliance on malware and a decline in ransomware attacks.
2. Cybercriminals have also increased "cryptojacking" attacks — the illegal use of an organization's or individual's computing power without their knowledge to mine cryptocurrencies. Cryptojacking nearly doubled the number of cyberattacks in 2018.
"One of the hottest commodities is computing power tied to the emergence of cryptocurrencies," Wendi Whitmore, IBM X-Force Incident Response and Intelligence Services global lead, said in a news release. "This has led to corporate networks and consumer devices being secretly highjacked to mine for these digital currencies."
3. Throughout 2018, ransomware attempts declined. In the fourth quarter of 2018, attempts to install ransomware on X-Force monitored devices were down 55 percent with respect to the first quarter, while cryptojacking attacks rose 450 percent in the same timeframe.
4. Targeted phishing campaigns accounted for 29 percent of cyberattacks in 2018. Of those phishing campaigns, business email compromise scams made up 45 percent of attacks.
5. In place of malware last year, cybercriminals leveraged common administration applications to gain illegal profits and evade detection in 57 percent of cyberattacks.
"If we look at the drop in the use of malware, the shift away from ransomware, and the rise of targeted campaigns, all these trends tell us that ROI is a real motivating factor for cybercriminals," Ms. Whitmore said. "We see that efforts to disrupt adversaries and make systems harder to infiltrate are working. While 11.7 billion records were leaked or stolen over the last three years, leveraging stolen personally identifiable information for profit requires more knowledge and resources, motivating attackers to explore new illicit profit models to increase their ROI."
Report authors concluded that organizations can increase cybersecurity preparedness through preventive measures such as threat hunting and risk management models.
To view IBM's full report and list of recommendations, click here.