shutterstock_398268808

Global Intelligence Network – 63.8 Million Attack Sensors

Internet Security Threat Report

Symantec’s Internet Security Threat Report, released in April, covers an extensive range of cyber threats we need to be aware of and proactively manage including data security and privacy, threats from social media and email scams, the security pressures experienced from Internet of Things (IoT) and mobile devices, and much more. Thanks to Symantec’s Global Intelligence Network made up of over 63.8 million attack sensors and recording thousands of events per second, threat activity in over 157 territories is monitored. Furthermore, their comprehensive vulnerability database contains nearly 75,000 recorded vulnerabilities of the last 20 plus years including spam, phishing, and malware data.

In 2015, Symantec found malware up 36% from the previous year, logging 430 million new pieces of malware. Stated in the report, “As real life and online become indistinguishable from each other, cybercrime has become a part of our daily lives.”

Six Key Findings & Trends of 2015

cloud-security

With the following six threat and vulnerability discoveries noted as key findings of 2015, Symantec takes a broad look at the threat landscape.

  • Each week of 2015 saw the discovery of a new zero-day vulnerability. With a 125% increase from the previous year, zero-day vulnerabilities allow advanced attack groups to profit from flaws in browser and website plugins.
  • More than half a billion personal records were lost or stolen in 2015. The largest data breach ever publicly reported occurred at the end of 2015 exposing 191 million records, but over the year, another eight mega-breaches (violations of above 10 million records) occurred. Adding insult to injury, more companies are now concealing the full extent of their data breaches, and this lack of transparency is only increasing security challenges.
  • Spear-phishing campaigns targeting employees rose by 55% last year. Attacks targeting businesses with fewer than 250 employees have steadily increased over the previous five years, and in 2015, financial companies or government organizations targeted once were more likely to be targeted three more times again over the year.
  • Three-quarters of popular websites were found to have major security vulnerabilities. With web administrators struggling to stay current with patches, the general public is put at risk. Unfortunately, simply ensuring one uses a well-known and legitimate website is not enough to guarantee the security.
  • A 35% increase in ransomware was recorded in 2015. Using encryption against legitimate organizations, cyber criminals are holding hostage critical data in ever-evolving violations. Symantec believes this type of attack will continue to expand and trap network users beyond PCs, reaching users of smartphones, Mac, and Linux systems.
  • 100 million fake technical support scams were blocked by Symantec in 2015. As if the already pervasive scams were not enough, cybercriminals are scamming new victims into calling them through pop-ups which suggest serious errors or problems could be resolved by calling the stated 800 numbers. On connection, these scammers then attempt to sell worthless services to their victims.

Threats to Cloud Computing

Unfortunately, even cloud-hosted and virtualized systems are vulnerable, and malware is able to search for virtualized environments and infect them. According to Symantec, 16% of malware is “routinely able to recognize and exploit a virtual machine environment.” Worse still, vulnerabilities such as VENOM allow attackers to break out of infected virtual machines and attack others on the same system. Due to the ever-increasing range of solutions cloud computing offers, and with the quantity of data held on the cloud expanding, attacks in this environment also multiply.

cyber-security

(Image Source: Shutterstock)

Symantec found that misconfigurations and poor management by users (not service providers) resulted in cloud-hosted systems being vulnerable to illicit access, and further unearthed 11,000 publicly accessible files. It’s also noted that stolen credentials for cloud-based systems are habitually sold on the black market at low costs. As asserted by Symantec, cloud services and virtual machines must be secured as thoroughly as all other services and devices with policies covering virtual as well as physical infrastructure. Because nothing is immune from cyber threats anymore, using integrated security tools across all platforms helps diminish future security problems, and Symantec encourages an investigative, clinical-study mindset that compels good digital hygiene, education of cybersecurity issues, and doesn’t tolerate cybersecurity risks.

By Jennifer Klostermann

Jennifer Klostermann

Jennifer Klostermann is an experienced writer with a Bachelor of Arts degree majoring in writing and performance arts. She has studied further in both the design and mechanical engineering fields, and worked in a variety of areas including market research, business and IT management, and engineering. An avid technophile, Jen is intrigued by all the latest innovations and trending advances, and is happiest immersed in technology.

Kodak Bitcoin mining 'scam' evaporates

Kodak Bitcoin mining ‘scam’ evaporates

The company behind a Kodak-branded crypto-currency mining scheme has confirmed the plan has collapsed. In January, a Bitcoin mining computer labelled Kodak KashMiner was on display on Kodak's official stand at the CES technology show ...
Netflix subscriber slip hints at 'lumpy' road ahead

Netflix subscriber slip hints at ‘lumpy’ road ahead

(Reuters) - Shares of Netflix Inc fell 13 percent on Tuesday after it reported a surprise shortfall in subscriber additions for a second quarter marked by the lack of a blockbuster new show and the ...
Coupa selected by Zurich Insurance to transform its business spend

Coupa selected by Zurich Insurance to transform its business spend

SAN MATEO, Calif., July 12, 2018 (GLOBE NEWSWIRE) -- Coupa Software (NASDAQ: COUP), a leader in business spend management (BSM), today announced that Switzerland’s largest insurer and global top 100 company, Zurich Insurance Group (Zurich), ...
The Cloud Has Your Data (Whether You Like It Or Not)

The Cloud Has Your Data (Whether You Like It Or Not)

Cloud Cleanup Anyone? Following on where we left off from my last two articles now we shift focus to what ...
Imminent IoT Eye-Tracking Technologies To Transform The Connected World

Imminent IoT Eye-Tracking Technologies To Transform The Connected World

IoT Eye Tracking Smelling may be the first of the perceptible senses, but the eye is the fastest moving organ ...
David

De-Archiving: What Is It and Who’s Doing It?

De-Archiving I first heard the term “De-Archiving” a few months ago on a visit to a few studios in Hollywood ...
Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Three Reasons Cloud Adoption Can Close The Federal Government’s Tech Gap

Federal Government Cloud Adoption No one has ever accused the U.S. government of being technologically savvy. Aging software, systems and processes, ...
What’s Next In Cloud And Data Security For 2017?

What’s Next In Cloud And Data Security For 2017?

Cloud and Data Security It has been a tumultuous year in data privacy to say the least – we’ve had ...
Cybersecurity Data Breaches: Incident Response Planning

Cybersecurity Data Breaches: Incident Response Planning

Incident Response Planning The topic of cybersecurity has become part of the boardroom agendas in the last couple of years, ...