Global Intelligence Network – 63.8 Million Attack Sensors

Internet Security Threat Report

Symantec’s Internet Security Threat Report, released in April, covers an extensive range of cyber threats we need to be aware of and proactively manage including data security and privacy, threats from social media and email scams, the security pressures experienced from Internet of Things (IoT) and mobile devices, and much more. Thanks to Symantec’s Global Intelligence Network made up of over 63.8 million attack sensors and recording thousands of events per second, threat activity in over 157 territories is monitored. Furthermore, their comprehensive vulnerability database contains nearly 75,000 recorded vulnerabilities of the last 20 plus years including spam, phishing, and malware data.

In 2015, Symantec found malware up 36% from the previous year, logging 430 million new pieces of malware. Stated in the report, “As real life and online become indistinguishable from each other, cybercrime has become a part of our daily lives.”

Six Key Findings & Trends of 2015

With the following six threat and vulnerability discoveries noted as key findings of 2015, Symantec takes a broad look at the threat landscape.

  • Each week of 2015 saw the discovery of a new zero-day vulnerability. With a 125% increase from the previous year, zero-day Vulnerabilities allow advanced attack groups to profit from flaws in browser and website plugins.
  • More than half a billion personal records were lost or stolen in 2015. The largest data breach ever publicly reported occurred at the end of 2015 exposing 191 million records, but over the year, another eight mega-breaches (violations of above 10 million records) occurred. Adding insult to injury, more companies are now concealing the full extent of their data breaches, and this lack of transparency is only increasing security challenges.
  • Spear-phishing campaigns targeting employees rose by 55% last year. Attacks targeting businesses with fewer than 250 employees have steadily increased over the previous five years, and in 2015, financial companies or Government organizations targeted once were more likely to be targeted three more times again over the year.
  • Three-quarters of popular websites were found to have major security vulnerabilities. With web administrators struggling to stay current with patches, the general public is put at risk. Unfortunately, simply ensuring one uses a well-known and legitimate website is not enough to guarantee the security.
  • A 35% increase in ransomware was recorded in 2015. Using encryption against legitimate organizations, cyber criminals are holding hostage critical data in ever-evolving violations. Symantec believes this type of attack will continue to expand and trap network users beyond PCs, reaching users of smartphones, Mac, and Linux systems.
  • 100 million fake technical support scams were blocked by Symantec in 2015. As if the already pervasive scams were not enough, cybercriminals are scamming new victims into calling them through pop-ups which suggest serious errors or problems could be resolved by calling the stated 800 numbers. On connection, these scammers then attempt to sell worthless services to their victims.

Threats to Cloud Computing

Unfortunately, even cloud-hosted and virtualized systems are vulnerable, and Malware is able to search for virtualized environments and infect them. According to Symantec, 16% of malware is “routinely able to recognize and exploit a virtual machine environment.” Worse still, vulnerabilities such as VENOM allow attackers to break out of infected virtual machines and attack others on the same system. Due to the ever-increasing range of solutions cloud computing offers, and with the quantity of data held on the cloud expanding, attacks in this environment also multiply.

Symantec found that misconfigurations and poor management by users (not Service Providers) resulted in cloud-hosted systems being vulnerable to illicit access, and further unearthed 11,000 publicly accessible files. It’s also noted that stolen credentials for cloud-based systems are habitually sold on the black market at low costs. As asserted by Symantec, cloud services and virtual machines must be secured as thoroughly as all other services and devices with policies covering virtual as well as physical infrastructure. Because nothing is immune from cyber threats anymore, using integrated security tools across all platforms helps diminish future security problems, and Symantec encourages an investigative, clinical-study mindset that compels good digital hygiene, education of cybersecurity issues, and doesn’t tolerate cybersecurity risks.

By Jennifer Klostermann

Trading view

Notable Stock Screeners for 2021

Stock Screeners By this point, you probably already heard about everything that happened with GameStop (GME) stocks. GameStop is the largest video game retailer with 5,000 stores around the U.S. Due to the pandemic, the ...
Kamal Maggon

Mining Business Value – Accelerating a US Company’s Cloud Transformation

Mining Business Value Traditional industries like mining have been slow to adapt to changing IP technology.  Of course, coal and other mining types have adopted new technologies starting with mechanical drills powered by pistons, then ...
Patrick Joggerst

Living on the Edge: The New Real-Time Communications Security Risks

Real-time communications Security Risks As more and more people have been forced to work remotely due to the global public health crisis, collaboration platforms have unexpectedly saved the day for millions of businesses and allowed ...
David Shearer

Looking Back – and Looking Forward to 2020

As we celebrate our thirtieth anniversary here at (ISC)², it’s incredible to look back at the changes our industry has been through. From advances in technology, to changing policy and regulations, this field is constantly ...
Workforce Tech Talent

Is Remote Work Here To Stay?

Is Remote Work Here To Stay? For as long as I can remember there have been discussions about remote work and when that would become the reality for almost everyone on the planet. Tim Ferriss ...
Mark Banfield

A Seamless Customer Experience Is Essential to Success in Today’s Digital Economy

Implement A Seamless Customer Experience The need for digital interaction has never seemed more critical than it does today. As the coronavirus continues to spread, citizens around the world are being asked to hunker down ...