Connect with us

Technology

IBM Report: Ransomware Persisted Despite Improved Detection in 2022

Published

on

Manufacturing Most Extorted Industry; Email Thread Hijacking Attempts Spike; Time to Ransom Moves from Months to Days

ARMONK, N.Y., Feb. 22, 2023 /PRNewswire/ — IBM (NYSE: IBM) Security today released its annual X-Force Threat Intelligence Index finding that although ransomware’s share of incidents declined only slightly (4 percentage points) from 2021 to 2022, defenders were more successful detecting and preventing ransomware. Despite this, attackers continued to innovate with the report showing the average time to complete a ransomware attack dropped from 2 months down to less than 4 days. 

According to the 2023 report, the deployment of backdoors, which allow remote access to systems, emerged as the top action by attackers last year. About 67% of those backdoor cases related to ransomware attempts, where defenders were able to detect the backdoor before ransomware was deployed. The uptick in backdoor deployments can be partially attributed to their high market value. X-Force observed threat actors selling existing backdoor access for as much as $10,000, compared to stolen credit card data, which can sell for less than $10 today.

“The shift towards detection and response has allowed defenders to disrupt adversaries earlier in the attack chain – tempering ransomware’s progression in the short term,” said Charles Henderson, Head of IBM Security X-Force. “But it’s only a matter of time before today’s backdoor problem becomes tomorrow’s ransomware crisis. Attackers always find new ways to evade detection. Good defense is no longer enough. To break free from the never-ending rat race with attackers, businesses must drive a proactive, threat-driven security strategy.”

The IBM Security X-Force Threat Intelligence Index tracks new and existing trends and attack patterns – pulling from billions of datapoints from network and endpoint devices, incident response engagements and other sources.

Some of the key findings in the 2023 report include:

Extortion: Threat Actors Go-to Method. The most common impact from cyberattacks in 2022 was extortion, which was primarily achieved through ransomware or business email compromise attacks. Europe was the most targeted region for this method, representing 44% of extortion cases observed, as threat actors sought to exploit geopolitical tensions.Cybercriminals Weaponize Email Conversations. Thread hijacking saw a significant rise in 2022, with attackers using compromised email accounts to reply within ongoing conversations posing as the original participant. X-Force observed the rate of monthly attempts increase by 100% compared to 2021 data.Legacy Exploits Still Doing the Job. The proportion of known exploits relative to vulnerabilities declined 10 percentage points from 2018 to 2022, due to the fact that the number of vulnerabilities hit another record high in 2022. The findings indicate that legacy exploits enabled older malware infections such as WannaCry and Conficker to continue to exist and spread.

Extortion Pressure Applied (Unevenly)
Cybercriminals often target the most vulnerable industries, businesses, and regions with extortion schemes, applying high psychological pressure to force victims to pay. Manufacturing was the most extorted industry in 2022, and it was the most attacked industry for the second consecutive year. Manufacturing organizations are an attractive target for extortion, given their extremely low tolerance for down time.

Ransomware is a well-known method of extortion, but threat actors are always exploring new ways to extort victims. One of the latest tactics involves making stolen data more accessible to downstream victims. By bringing customers and business partners into the mix, operators increase pressure on the breached organization. Threat actors will continue experimenting with downstream victim notifications to increase the potential costs and psychological impact of an intrusion – making it critical that businesses have a customized incident response plan that also considers the impact of an attack on downstream victims.

Thread Hijacking on the Rise
Email thread hijacking activity surged last year, with monthly attempts by threat actors doubling compared to 2021 data. Over the year, X-Force found that attackers used this tactic to deliver Emotet, Qakbot, and IcedID, malicious software that often results in ransomware infections.

With phishing being the leading cause of cyberattacks last year, and thread hijacking’s sharp rise, it’s clear that attackers are exploiting the trust placed in email. Businesses should make employees aware of thread hijacking to help reduce the risk of them falling victim.

Mind the Gap: Exploit “R&D” Lagging Vulnerabilities
The ratio of known exploits to vulnerabilities has been declining over the last few years, down 10 percentage points since 2018. Cybercriminals already have access to more than 78,000 known exploits, making it easier to exploit older, unpatched vulnerabilities. Even after 5 years, vulnerabilities leading to WannaCry infections remain a significant threat. X-Force recently reported an 800% increase in WannaCry ransomware traffic within MSS telemetry data since April 2022. The continued use of older exploits highlights the need for organizations to refine and mature vulnerability management programs, including better understanding their attack surface and risk-based prioritization of patches.

Additional findings from the 2023 report include:

Phishers “Give Up” on Credit Card Data. The number of cybercriminals targeting credit card information in phishing kits dropped 52% in one year, indicating that attackers are prioritizing personally identifiable information such as names, emails, and home addresses, which can be sold for a higher price on the dark web or used to conduct further operations.North America Felt Brunt of Energy Attacks. Energy held its spot as the 4th most attacked industry last year, as global forces continue to affect an already tumultuous global energy trade. North American energy organizations accounted for 46% of all energy attacks observed last year, a 25% increase from 2021 levels.Asia Tops the Target List. Accounting for nearly one-third of all attacks that X-Force responded to in 2022, Asia saw more cyberattacks than any other region. Manufacturing accounted for nearly half of all cases observed in Asia last year.

The report features data IBM collected globally in 2022 to deliver insightful information about the global threat landscape and inform the security community about the threats most relevant to their organizations. You can download a copy of the 2023 IBM Security X-Force Threat Intelligence Report here.

Additional sources

Read more about the report’s top findings in this IBM Security Intelligence blog.Sign up for the 2023 IBM Security X-Force Threat Intelligence Index webinar on Thursday, March 2, 2022, at 11:00 a.m. ET here.Schedule a consult with IBM Security X-Force.

About IBM Security
IBM Security helps secure the world’s largest enterprises and governments with an integrated portfolio of security products and services, infused with dynamic AI and automation capabilities. The portfolio, supported by world-renowned IBM Security X-Force® research, enables organizations to predict threats, protect data as it moves, and respond with speed and precision without holding back business innovation. worldwide security experts, IBM is trusted by thousands of organizations as their partner to assess, strategize, implement, and manage security transformations. IBM operates one of the world’s broadest security research, development, and delivery organizations, monitors 150 billion+ security events per day in more than 130 countries, and has been granted more than 10,000 security patents worldwide.

Press Contact:
IBM Security Communications
Michele Brancati
mbrancati@ibm.com

 

View original content to download multimedia:https://www.prnewswire.com/news-releases/ibm-report-ransomware-persisted-despite-improved-detection-in-2022-301752400.html

SOURCE IBM

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

Nearly 50% of Young People Resolve to Quit Nicotine in 2025

Published

on

By

EX Program by Truth Initiative Offers a Proven Path to Success

WASHINGTON, Dec. 23, 2024 /PRNewswire/ — Almost half (48%) of young people aged 18-24 are making quitting nicotine a priority for their 2025 New Year’s resolutions, according to new data from Truth Initiative® – the nation’s largest nonprofit public health organization dedicated to preventing youth and young adult nicotine addiction and empowering quitting for all.

 

This survey data* highlights a growing desire to break free from nicotine addiction and the urgent need for effective resources for 18- to 24-year-olds, among whom e-cigarette use is prevalent and dual use of cigarettes is a growing concern. For many, the journey to quit can feel daunting, especially for the scores of young people who think quitting means going “cold turkey” without a network of support. To meet this need, Truth Initiative is offering resources to help their resolutions stick and has launched Outsmart Nicotine, a new campaign designed to introduce young people to EX® Program, a comprehensive quitting resource developed in partnership with Mayo Clinic in 2008.

Empowering Young People with Tools and Encouragement Through EX Program

EX Program is a free cessation resource tailored to meet the unique challenges faced by young people. It offers proven, evidence-based tools designed to support quitting through personalized quit plans, interactive text messages, and 24/7 access to the nation’s most established online quit community. A randomized clinical trial among young adults published in JAMA Internal Medicine found that EX Program text message support can increase the odds of quitting by up to 40%, making EX Program one of the most effective resources for tackling nicotine addiction. These tools have helped millions quit nicotine over nearly two decades, solidifying EX Program as one of the most effective cessation resources available.

Redefining Quitter’s Day: Introducing “You Got This Day” as Part of the Outsmart Nicotine Campaign

Through the Outsmart Nicotine campaign, Truth Initiative is driving awareness of these tools with a series of ads that celebrate the small, everyday victories that lead to quitting nicotine for good. The campaign’s launch ad, “You Got This,” creates an uplifting tone with the iconic track “Can I Kick It?” by A Tribe Called Quest to inspire young people to take that first step toward a nicotine-free life.

“Quitting nicotine is hard, but it doesn’t have to be a lonely or impossible journey,” said Kathy Crosby, CEO and President of Truth Initiative. “With Outsmart Nicotine and the proven-effective EX Program, we’re showing young people that freedom from addiction is possible and within reach– and giving them the tools to quit smarter, not harder.”

Traditionally known as Quitter’s Day, the second Friday in January – January 10th in 2025 – marks the time of year when many people abandon their new year’s resolutions. Giving it a fresh perspective, Truth Initiative is renaming it “You Got This Day” to motivate young people to push through challenges and keep working toward their quit goals. The campaign reframes this day as a moment of empowerment, reminding young adults that quitting is difficult, but with the right support, it’s possible.

Take the First Step Toward Quitting

Truth Initiative invites young people to take the first step toward quitting by texting EXPROGRAM to 88709 or visiting exprogram.com. Organizations interested in EX Program’s enterprise solution can learn more at exprogram.com/enterprise.

*According to Truth Initiative Continuous Tracking Online (CTO) survey data collected October 17, 2024December 17, 2024, from 662 respondents.

About Truth Initiative
Truth Initiative® is a national nonprofit public health organization committed to a future free from lifelong addiction, fostering healthier lives and a more resilient nation. Our mission is to prevent youth and young adult nicotine addiction and empower quitting for all. Through our evidence-based, market-leading cessation EX® Program and national public education and prevention campaigns, we are leading the fight against youth and young adult tobacco use, which threatens to put a new generation at risk of lifetime nicotine addiction. Our rigorous scientific research and policy studies, community and youth engagement programs supporting populations at high risk of using tobacco, and innovation in tobacco dependence treatment continue to contribute to ending one of the most critical public health battles of our time. Based in Washington, D.C., our organization was established and funded through the 1998 Master Settlement Agreement between attorneys general from 46 states, five U.S. territories, and the tobacco industry. To learn more, visit truthinitiative.org.

About EX Program
EX® Program is a proven-effective tobacco cessation program, developed by Truth Initiative® with Mayo Clinic, that brings together the best evidence-based quitting approaches, interactive digital quitting programs, and the most established online quit community. EX Program has helped millions of youth and adults develop the skills and confidence to successfully quit. Truth Initiative research has shown that EX Program text messages can increase a user’s odds of quitting by up to 40%. To learn more, visit exprogram.com.

About EX Program Enterprise
Developed by Truth Initiative® with Mayo Clinic, EX® Program Enterprise is the best strategic partner for employers, health plans, and public health organizations to end smoking, vaping, and nicotine use. Sponsored users receive multimodal quitting support, available in both English and Spanish. Clients get real-time dashboards to track performance, year-round promotions, and expert client success guidance. To learn more about available options visit exprogram.com/enterprise.

 

View original content to download multimedia:https://www.prnewswire.com/news-releases/nearly-50-of-young-people-resolve-to-quit-nicotine-in-2025-302337746.html

SOURCE Truth Initiative

Continue Reading

Technology

Foxconn Announces Strategic Partnership With Zettabyte to Transform AI Data Centers

Published

on

By

TAIPEI, Dec. 23, 2024 /PRNewswire/ — Zettabyte, a global leader in AI data center software and infrastructure solutions, is proud to announce a strategic partnership with Hon Hai Technology Group (Foxconn), the world’s largest electronics manufacturer. This collaboration, underpinned by capital funding, aims to drive innovation and expand the adoption of energy-efficient AI solutions worldwide.

At the forefront of Zettabyte’s offerings is Zware, its advanced AI data center management software. Zware optimizes GPU performance, dramatically lowering energy usage while maximizing computing output. This cutting-edge solution empowers businesses to achieve unparalleled efficiency and sustainability in AI computing.

“We are thrilled to partner with Foxconn, a company renowned for its excellence in manufacturing and innovation,” said Kenneth Tai, Chairman of Zettabyte. “This partnership will accelerate the deployment of our technology, meeting the surging demand for high-performance, energy-efficient AI computing globally.”

Partnering with Zettabyte aligns with Foxconn’s commitment to advancing sustainable technologies. According to Foxconn, Zware’s ability to enhance AI data center operations while significantly reducing energy consumption opens opportunities to set new benchmarks for the future of AI data centers.

This collaboration underscores Zettabyte’s leadership in revolutionizing AI infrastructure and its dedication to providing transformative technologies to enterprises worldwide.

About Zettabyte

ZETTABYTE is a global innovator in AI data center technology, delivering solutions that redefine efficiency and sustainability in AI data centers. Its flagship software, Zware, is setting a new standard for sustainable and efficient AI computing.

About Foxconn

Established in 1974 in Taiwan, Hon Hai Technology Group (“Foxconn”) (TWSE: 2317) is the world’s largest electronics manufacturer and leading technological solutions provider, ranking 32nd among the Fortune Global 500. In 2023, revenue totaled TWD6.162 trillion (approx. US$198 billion or EUR183 billion)

View original content:https://www.prnewswire.com/apac/news-releases/foxconn-announces-strategic-partnership-with-zettabyte-to-transform-ai-data-centers-302338255.html

SOURCE Zettabyte

Continue Reading

Technology

Karma Automotive Collaborates with the Connected Vehicle Systems Alliance (COVESA), UC Riverside and ROADMEDIC.AI to Develop and Pilot Software and Standards for Next-Generation 9-1-1 Emergency Response Vehicle Communications

Published

on

By

At CES2025, a new vision is shared for standardizing the method that enables Software Defined Vehicles to more rapidly and robustly dispatch 9-1-1 Emergency Response Services to vehicle collisions 

IRVINE, Calif., Dec. 23, 2024 /PRNewswire/ — Karma Automotive, America’s only full-line ultra-luxury vehicle manufacturer, is passionate about enabling the proliferation of open standards in Software Defined Vehicle Architecture (SDVA) to increase industry collaboration, and to speed development as the expanded role of software redefines the driving experience aboard modern vehicles. With vehicle occupant safety as a preeminent focus in all vehicle development, Karma Automotive is collaborating with the Connected Vehicle Systems Alliance (COVESA), the University of California Riverside and ROADMEDIC.AI to develop standards-based software applications which leverage vehicle connectivity to provide robust and real-time insights to 9-1-1 first responders and the related eco-system.   

Developing technology that gets emergency responders to the scene faster to save lives

According to a paper published by the National Institute of Health (NIH), for every 1-minute increase in EMS response time, fatality odds increase by 2.6%. The goal of the effort is to drastically reduce emergency response times, and materially increase preparedness of responders when arriving at the site of a critical incident. Then, to validate software applications and communication protocols that have been validated in real-world applications that can be shared and easily deployed by the broader automotive industry.

To announce this project, Karma Automotive will join the COVESA Networking Reception and Demonstration at CES2025 on January 7 at 5pm at the Bellagio Hotel in Las Vegas, NV and showcase the ultra-exclusive, high-performance 2025 Karma Invictus. Karma Invictus is underpinned by the Karma Cloud Services platform that serves as the backbone for the development of the proposed safety system.

Enabling the detailed transmission of vital vehicle and occupant data in real-time could help responders increase preparedness to triage an incident, as contemporary automobiles carry tremendous amounts of data. Leveraging connectivity systems, a vehicle can directly identify number and location of occupants, severity of impact, location of the incident, vehicle extrication instructions and even driver biometrics. Software can be used to organize, parse, and transmit this data in real-time to parties based on their specific role in the 9-1-1 response eco-system.  When combined with vehicle-embedded and cloud-based AI, this data can be sorted and delivered independently, yet simultaneously to the diverse network of service providers that engage in incident response activities. Collectively, this effort is referred to as the ‘9-1-1 Dispatcher Visibility Demonstration Project’.

“Much of what we deliver to our customers in software should not be looked at as differentiating, but rather essential,” says Marques McCammon, President, Karma Automotive. “Safety for example is important to all industry players, and if we could standardize our approach to innovation in the space, we can not only improve the well-being of drivers universally, but also reduce development cost, and time getting new tech technologies to market. This philosophy is central to the Karma Automotive brand promise and our positioning as America’s only ultra-luxury automotive brand.”  

“Together with our partners, we look to democratize development and share the learnings to the benefit of the broader industry and the community at large,” continues McCammon, “and with upcoming Karma vehicles, this technology will be seamlessly integrated within our Karma Connect Vehicle Data Management and connectivity services platform.”

“This collaboration is the realization of a 25-year journey,” said Lawrence E. Williams, CEO and Founder of ROADMEDIC.AI. “Many times, it seemed like a pipe dream, but today, thanks to Karma Automotive’s shared vision, we are turning that dream into reality. Together, we are poised to revolutionize 9-1-1 emergency response systems and save countless lives.”

Next Generation 9-1-1 Technology: A Game Changer
Karma Automotive is the first OEM automotive partner to COVESA’s ‘9-1-1 Dispatcher Visibility Demonstration Project’. Working in collaboration with the University of California Riverside, the automaker will utilize 3rd Generation Karma Revero sport sedans to pilot the technology application and its related use cases. The results of this effort will then be shared with the greater COVESA community, National Highway Traffic Safety Administration (NHSTA), and other community members and stakeholders.

Existing 9-1-1 emergency response systems rely heavily on caller-based information, often supplemented by telematics systems transmitting data to manufacturer call centers. These systems, while useful, introduce delays and inconsistencies that can hinder timely emergency responses. By contrast, the Next Generation 9-1-1 Technology spearheaded by Karma Automotive and its partners will enable vehicles to instantly transmit vital, multi-layered crash data directly to 9-1-1 Emergency Communication Centers, bypassing intermediaries and saving precious seconds in emergency scenarios.

About Karma Automotive

Karma Automotive is America’s only full-line ultra-luxury vehicle manufacturer, and a pioneer of EREV (Extended Range Electric) vehicles which it manufactures at its Karma Innovation and Customization Center (KICC) in Moreno Valley, CA. Its Executive, Product Development, and Design headquarters are located in nearby Irvine, CA. The Karma portfolio embodies California’s spirit of innovation and entrepreneurial boldness, reflected by the signature Comet Line which is the central hallmark of Karma’s new design language. Sales of the 3rd Generation Karma Revero sport sedan, the world’s first luxury EREV plug-in hybrid, are now underway in the USA and EU, offering luxury balanced with conscientiousness delivered without compromise. Sales of Revero’s ultra-exclusive, performance-tuned stablemate, Karma Invictus, will begin in Q1 2025, followed by the Gyesera four-seater in Q4 2025.  The Karma Kaveya super-coupe, with up to 1,000HP and butterfly-doors, will arrive in Q4 2026, incorporating SDVA (Software-Defined Vehicle Architecture) developed in collaboration with Intel Automotive. Further, Karma Automotive will provide Tier 1’s and Original Equipment Manufacturers (OEMs) with business-to-business SDVA solutions, as it does today with Karma Connect, its proprietary Vehicle Data Management and Over-the-Air services platform, which presently provides services to the world’s second largest OEM. Karma Automotive’s dealer network spans North America, Europe, South America and the Middle East. (www.karmaautomotive.com) 

About ROADMEDIC.AI

ROADMEDIC.AI is an authorized automotive OEM Tier 1 supplier dedicated to improving 9-1-1 emergency response through instantaneous IP-based data transmission from motor vehicles to 9-1-1 centers. Their innovative solutions save lives and reduce harm in crash events. For more information, visit www.roadmedic.com.

About COVESA

The Connected Vehicle Systems Alliance (COVESA) is an open, member-driven global technology alliance accelerating the full potential of connected vehicles. By developing common approaches and technologies, COVESA provides a collaborative platform that empowers automotive software stakeholders and world-class developers to address challenges and opportunities in connected mobility and navigate the digital transformation of the automotive industry. Learn more about COVESA or join our community at www.covesa.global.

Media Contact:                                                                                                                                                           

Joe Richardson, (917) 716-6617                                                                              
Joe@BeautifulNoisePR.com 

View original content to download multimedia:https://www.prnewswire.com/news-releases/karma-automotive-collaborates-with-the-connected-vehicle-systems-alliance-covesa-uc-riverside-and-roadmedicai-to-develop-and-pilot-software-and-standards-for-next-generation-9-1-1-emergency-response-vehicle-communications-302338073.html

SOURCE Karma Automotive

Continue Reading

Trending