Learning Library

← Back to Library

X-Force 2023: Backdoors, Ransomware, Phishing

3mUnknown ChannelsecuritynewsintermediateWatch on YouTube ↗

Key Points

  • The 2023 X‑Force Threat Intelligence Index analyzes billions of 2022 data points and highlights back‑doors as the most common attacker objective, accounting for 21% of incidents and often serving as a precursor to ransomware.
  • Ransomware attacks have accelerated dramatically, with the average dwell time shrinking from just over two months to roughly three days, underscoring the need for customized, regularly‑tested incident‑response plans.
  • Phishing remains the dominant infection vector, responsible for 41% of attacks, driven in part by remote‑work‑related email exposure and a surge in “thread hijacking” tactics that exploit ongoing conversations.
  • X‑Force advises organizations to focus on the specific threat actors most likely to target their industry, geography, and sector, and to implement proactive detection and rapid remediation to mitigate the compounded risks of back‑doors, ransomware, and phishing.

Sections

Full Transcript

# X-Force 2023: Backdoors, Ransomware, Phishing **Source:** [https://www.youtube.com/watch?v=jxfNE3P-roQ](https://www.youtube.com/watch?v=jxfNE3P-roQ) **Duration:** 00:03:53 ## Summary - The 2023 X‑Force Threat Intelligence Index analyzes billions of 2022 data points and highlights back‑doors as the most common attacker objective, accounting for 21% of incidents and often serving as a precursor to ransomware. - Ransomware attacks have accelerated dramatically, with the average dwell time shrinking from just over two months to roughly three days, underscoring the need for customized, regularly‑tested incident‑response plans. - Phishing remains the dominant infection vector, responsible for 41% of attacks, driven in part by remote‑work‑related email exposure and a surge in “thread hijacking” tactics that exploit ongoing conversations. - X‑Force advises organizations to focus on the specific threat actors most likely to target their industry, geography, and sector, and to implement proactive detection and rapid remediation to mitigate the compounded risks of back‑doors, ransomware, and phishing. ## Sections - [00:00:00](https://www.youtube.com/watch?v=jxfNE3P-roQ&t=0s) **IBM X‑Force Threat Index Overview** - The segment introduces IBM’s 2023 X‑Force Threat Intelligence Index, emphasizing its billions of data points and concentrating on the three leading 2022 threat actions—backdoors, ransomware, and phishing—to illustrate the need for collaborative security responses. ## Full Transcript
0:00the 2023 xforce threat intelligence 0:03index including info on back doors 0:05ransomware and fishing all on this 0:08episode of IBM Tech now what's up y'all 0:10my name is Ian and I am back to bring 0:12you the latest and greatest news and 0:14announcements about IBM 0:16technology it's officially that time of 0:18year again and ibmx force has released 0:20their annual threat intelligence index a 0:23comprehensive analysis of all their 0:25research data from January to December 0:28of 2022 and included literally billions 0:31of data points so this thing is Big 0:33folks now we do this as a resource for 0:36clients policy makers researchers and 0:38the security industry in general because 0:40today's volatile landscape with its 0:42increasingly sophisticated and malicious 0:44threats requires a collaborative effort 0:47to protect businesses and 0:49citizens these essential research 0:51insights and recommendations can help 0:53you respond to a tax with greater speed 0:55and Effectiveness the report is 0:57absolutely packed with important 0:59information so we're going to limit the 1:00discussion in this episode to three main 1:02topics back doors ransomware and fishing 1:06to start the most common actionon 1:08objective taken by thread actors in 2022 1:11was the deployment of back doors with a 1:1321% share of incidents reported as a 1:16refresher actionon objective is a term 1:19we in cyber security borrowed from the 1:21military and it refers to the action and 1:23Intruder takes to achieve their goals 1:26now back doors are often precursors to 1:29ransomware events detecting back doors 1:31before ransomware is deployed gives us 1:33an opportunity as Defenders to prevent 1:36the catastrophic impact of ransomware 1:38encrypting a bunch of systems it also 1:40helps prevent the double extortion 1:42techniques that thread actors are using 1:45while many organizations have a broad 1:47view of the threat landscape exforce 1:49recommends organizations adopt a view 1:51that emphasizes the specific threat 1:53actors that are most likely to Target 1:55your industry organization and 1:58geography next let's look at at 2:00ransomware ransomware attacks have 2:02gotten much faster which means there 2:04must be faster responses in fact the 2:06average duration of a ransomware attack 2:08has gone from a little over two months 2:10to just a little over 3 days when things 2:13are moving that quickly the best defense 2:15is to be prepared attacks are inevitable 2:17but failure doesn't have to be 2:19organizations should develop incident 2:21response plans customized to their 2:23environment those plans should be 2:25regularly drilled and modified as the 2:27organization changes with a focus on 2:29improving response remediation and 2:31recovery time finally let's talk a 2:34little about fishing remote work is 2:37fueling another spike in email Bas 2:39threats and fishing Remains the leading 2:41infection Vector with 41% of the share 2:44one particular method that saw a 2:46significant rise last year was thread 2:48hijacking this is where threat actors 2:50reply to recent email threads to trick 2:53your friends family and co-workers into 2:55providing access to sensitive 2:57information data or systems essentially 3:00they're creating a chain reaction with 3:01potential victims even worse free chat 3:04Bots and AI services like chat GPT are 3:07making these threats harder to detect to 3:10prevent similar incidents from happening 3:12in the future it's important to 3:13understand the root cause of the 3:15incident this may involve a combination 3:17of technical procedural and human 3:20factors so a comprehensive approach is 3:22necessary to identify all potential 3:24causes to get the full rundown on all 3:26the 2022 research around backd doors 3:29ransomware fishing and much much more 3:31make sure you download the new threat 3:33intelligence index from the link in the 3:35description of this video thanks so much 3:37for joining me today for this episode of 3:39IBM Tech now if you're interested in 3:40learning more about the topics I've 3:42covered make sure you explore the links 3:43in the description of this video and 3:45again please don't forget to subscribe 3:47to our channel to stay up to date on 3:48what's going on in Tech now