MELBOURNE: Symantec has released its Internet Security Threat Report Volume 20 for the 2014 year. Ransomware is up 113%, corporate defences are falling behind as cybercriminals move faster and the weakest link in security is you.
The 119-page ISTR report is heavy going and should be compulsory reading for system administrators and those consumers who have an interest in security. For the rest – I hope this article does it justice.
When a cyber security breach hits the news, those most closely involved often have incentive to play up the sophistication of the attack.
If hackers are portrayed as well-funded geniuses, victims look less vulnerable, security firms can flog their products and services, and government officials can push for tougher regulation or seek more money for cyber defences.
But two deeply researched reports being released this week underscore the less-heralded truth: the vast majority of hacking attacks are successful because employees click on links in tainted emails, companies fail to apply available patches to known software flaws, or technicians do not configure systems properly. These conclusions will be in the minds of executives attending the world’s largest technology security conference next week in San Francisco, a conference named after lead sponsor RSA, the security division of EMC Corp.
In the best-known annual study of data breaches, a report from Verizon Communications to be released on Wednesday found that more than two-thirds of the 290 electronic espionage cases it learned about in 2014 involved phishing, the security industry’s term for trick emails.
Because so many people click on tainted links or attachments, sending phishing emails to just 10 employees will get hackers inside corporate gates 90 per cent of the time, Verizon found.
“There’s an overarching pattern,” said Verizon scientist Bob Rudis. Attackers use phishing to install malware and steal credentials from employees, then they use those credentials to roam through networks and access programs and files, he said.
Symantec has released its Internet Security Threat Report Volume 20 for the 2014 year. Ransomware is up 113%, corporate defences are falling behind as cybercriminals move faster and the weakest link in security is you.
The 119-page ISTR report is heavy going and should be compulsory reading for system administrators and those consumers who have an interest in security. For the rest – I hope this article does it justice.
I spoke at length with Nick Savvides, Information Security Solution Engineer at Symantec prior to the report’s release.
He said that 2013 was the year of mega breaches – over 552 million identities were exposed, 23 zero-day vulnerabilities discovered, one in eight web sites had a critical vulnerability, a 62% increase in number of breaches and a 91% increase in targeted attacks.
“2014 will be memorable as the year ransomware increased by 113%, new levels of maliciousness, and increased sophistication as cybercriminals employed faster, highly targeted attacks on business – its where the money is,” Nick said.
Verizon’s report includes its own business investigations and data from 70 other contributors, including law enforcement. It found that while major new vulnerabilities such as Heartbleed are being used by hackers within hours of their announcement, more attacks last year exploited patchable vulnerabilities dating from 2007, 2010, 2011, 2012 and 2013.
Another annual cyber report, to be released on Tuesday by Symantec Corp, found that state-sponsored spies also used phishing techniques because they work and because the less-sophisticated approach drew less scrutiny from defenders.
Once inside a system, however, the spies turned fancy, writing customised software to evade detection by whatever security programs the target has installed, Symantec said.
The report covers six main areas
Mobile Devices and Internet of Things
Web Threats
Social Media and Scams
Targeted attacks
Data breaches and privacy
E-crime and malware
Its findings come from the Symantec Global Intelligence Network, which comprises 57.6 million attack sensors, in 157 countries that receive information from Symantec products and services such as Symantec DeepSight Intelligence, Symantec Managed Security Services, Norton consumer products, and other third-party sources. Spam, phishing, and malware data is captured through sources including the Symantec Probe Network, a system of more than 5 million decoy accounts. In other words, it is accurate.
