Internet Security Threat Report
Symantec’s Internet Security Threat Report, released in April, covers an extensive range of cyber threats we need to be aware of and proactively manage, including data security and privacy, threats from social media and email scams, the security pressures arising from Internet of Things (IoT) and mobile devices, and much more. Symantec’s Global Intelligence Network, made up of over 63.8 million attack sensors and recording thousands of events per second, monitors threat activity in over 157 territories. Furthermore, their comprehensive vulnerability database contains nearly 75,000 recorded vulnerabilities from the last 20-plus years, including spam, phishing, and malware data.
In 2015, Symantec found malware up 36% from the previous year, logging 430 million new pieces of malware. As the report states, “As real life and online become indistinguishable from each other, cybercrime has become a part of our daily lives.”
Six Key Findings & Trends of 2015
With the following six threat and vulnerability discoveries noted as key findings of 2015, Symantec takes a broad look at the threat landscape.
- Each week of 2015 saw the discovery of a new zero-day vulnerability. With a 125% increase from the previous year, zero-day vulnerabilities allow advanced attack groups to profit from flaws in browser and website plugins.
- More than half a billion personal records were lost or stolen in 2015. The largest data breach ever publicly reported occurred at the end of 2015 exposing 191 million records, but over the year, another eight mega-breaches (violations of above 10 million records) occurred. Adding insult to injury, more companies are now concealing the full extent of their data breaches, and this lack of transparency is only increasing security challenges.
- Spear-phishing campaigns targeting employees rose by 55% last year. Attacks targeting businesses with fewer than 250 employees have steadily increased over the previous five years, and in 2015, financial companies or government organizations targeted once were more likely to be targeted three more times over the year.
- Three-quarters of popular websites were found to have major security vulnerabilities. With web administrators struggling to stay current with patches, the general public is put at risk. Unfortunately, simply ensuring one uses a well-known and legitimate website is not enough to guarantee security.
- A 35% increase in ransomware was recorded in 2015. Using encryption against legitimate organizations, cyber criminals are holding hostage critical data in ever-evolving violations. Symantec believes this type of attack will continue to expand and trap network users beyond PCs, reaching users of smartphones, Mac, and Linux systems.
- 100 million fake technical support scams were blocked by Symantec in 2015. As if the already pervasive scams were not enough, cybercriminals are scamming new victims into calling them through pop-ups which suggest serious errors or problems could be resolved by calling the stated 800 numbers. On connection, these scammers then attempt to sell worthless services to their victims.
Threats to Cloud Computing
Unfortunately, even cloud-hosted and virtualized systems are vulnerable, and malware is able to search for virtualized environments and infect them. According to Symantec, 16% of malware is “routinely able to recognize and exploit a virtual machine environment.” Worse still, vulnerabilities such as VENOM allow attackers to break out of infected virtual machines and attack others on the same system. Due to the ever-increasing range of solutions cloud computing offers, and with the quantity of data held on the cloud expanding, attacks in this environment also multiply.
Symantec found that misconfigurations and poor management by users (not service providers) resulted in cloud-hosted systems being vulnerable to illicit access, and further unearthed 11,000 publicly accessible files. It’s also noted that stolen credentials for cloud-based systems are habitually sold on the black market at low cost. As asserted by Symantec, cloud services and virtual machines must be secured as thoroughly as all other services and devices, with policies covering virtual as well as physical infrastructure. Because nothing is immune from cyber threats anymore, using integrated security tools across all platforms helps diminish future security problems, and Symantec encourages an investigative, clinical-study mindset that compels good digital hygiene and education on cybersecurity issues, and that doesn’t tolerate cybersecurity risks.
By Jennifer Klostermann