News Release
Annual Symantec InternetSecurity Threat Report Reveals
81 Percent Increasein Malicious Attacks
Symantec Corp. (Nasdaq:SYMC) today announced the findings of its InternetSecurity Threat Report, Volume 17 , which shows thatwhile the number of vulnerabilities decreased by
20percent, the number of malicious attacks continued toskyrocket by 81 percent. In addition, the report highlightsthat advanced targeted attacks are spreading toorganisations of all sizes and variety of personnel, databreaches are increasing and that attackers are focusing onmobile threats.
detailed blogposts:
The 2011 Internet Security Threat Report –There Is No Panacea to Protect Against AllAttacks
Keep Your SMB Safe from Internet-BasedThreats
Malicious AttacksContinue to Grow Rapidly
Symantec blocked more than5.5 billion malicious attacks in 2011, an increase of 81percent over the previous year. In addition, the number ofunique malware variants increased to 403 million and thenumber of web attacks blocked per day increased by 36percent.
At the same time, spam levels fellconsiderably and new vulnerabilities discovered decreased by20 percent. These statistics, compared to the continuedgrowth in malware, paint an interesting picture. Attackershave embraced easy to use attack toolkits to efficientlyleverage existing vulnerabilities. Moving beyond spam,cyber criminals are now turning to social networks to launchtheir attacks. The very nature of these networks makesusers incorrectly assume they are not at risk and attackersare using these sites to target new victims. Due to socialengineering techniques and the viral nature of socialnetworks, it’s much easier for threats to spread from oneperson to the next.
Advanced Targeted AttacksSpread to Organisations of All Sizes
Targeted attacksare growing, with the number of daily targeted attacksincreasing from 77 per day to
82 per day by the end of2011. Targeted attacks use social engineering andcustomised malware to gain unauthorised access to sensitiveinformation. These advanced attacks have traditionallyfocused on public sector and government; however, in 2011,targeted attacks diversified.
Targeted attacks are nolonger limited to large organisations. More than 50 percentof such attacks target organisations with fewer than 2,500employees, and almost 18 percent target companies with fewerthan
250 employees. These organisations may be targetedbecause they are in the supply chain or partner ecosystem ofa larger company and because they are less well-defended. Furthermore, 58 percent of attacks target non-execs,employees in roles such as human resources, public relationsand sales. Individuals in these jobs may not have directaccess to information, but they can serve as a direct linkinto the company. They are also easy for attackers toidentify online and are used to getting proactive inquiriesand attachments from unknown sources.
Rise ofData Breaches, Lost Devices Concern for the Future
Approximately 1.1 million identities were stolen perdata breach on average in 2011, a dramatic increase over theamount seen in any other year. Hacking incidents posed thegreatest threat, exposing 187 million identities in 2011 −the greatest number for any type of breach last year. However, the most frequent cause of data breaches that couldfacilitate identity theft was theft or loss of a computer orother medium on which data is stored or transmitted, such asa smartphone, USB key or a backup device. These theft-orloss-related breaches exposed 18.5 million identities.
As tablets and smartphones continue to outsell PCs,more sensitive information will be available on mobiledevices. Workers are bringing their smartphones and tabletsinto the corporate environment faster than manyorganisations are able to secure and manage them. This maylead to an increase in data breaches as lost mobile devicespresent risks to information if not properly protected.
Mobile Threats Expose Businesses andConsumers
Mobile vulnerabilities increased by 93percent in 2011. At the same time, there was a rise inthreats targeting the Android operating system. With thenumber of vulnerabilities in the mobile space rising andmalware authors not only reinventing existing malware formobile devices, but creating mobile-specific malware gearedto unique mobile opportunities, 2011 was the first year thatmobile malware presented a tangible threat to businesses andconsumers. These threats are designed for activitiesincluding data collection, the sending of content and usertracking.
Click to Tweet : Symantec blockedmore than 5.5 billion attacks in 2011:
Click toTweet: #ISTR 1.1 million identities stolen per breachlast year:
Click to Tweet : Hackers exposed187 million identities in 2011:
Click to Tweet : Mobilevulnerabilities increased by 93 percent in 2011, #ISTR:
Click to Tweet : Advanced targetedattacks spread to organisations of all sizes and informationworkers:
Quote
“In 2011 cybercriminalsgreatly expanded their reach, with nearly 20 percent oftargeted attacks now directed at companies with fewer than250 employees,” said Stephen Trilling, chief technologyofficer, Symantec. “We’ve also seen a large increase inattacks on mobile devices, making these devices a viableplatform for attackers to leverage in targeting sensitivedata. Organizations of all sizes need to be vigilant aboutprotecting theirinformation.”
Multimedia
Video: Did YouKnow: Internet Security Threat Report, Volume 17
Podcast: Symantec Internet Security ThreatReport, Volume 17
Webcast: ThreatUpdate: Top Trends to Focus on for2012
SlideShare: Symantec Internet SecurityThreat Report 2011, Volume 17, April 2012
Infographic: 2011 in Numbers
Infographic: 2011 by Month
ends
No comments:
Post a Comment