9 Disturbing Facts Emerge from Symantec’s Annual Cybersecurity Report
Today, cybersecurity threats are growing in volume, sophistication, and persistence. That’s according to the findings of Symantec’s 2016 Internet Security Threat Report, which draws on threat data from its Global Intelligence Network and monitoring activity in over 157 countries.
Government data breaches made big headlines in 2015 – no surprises there. Perhaps more troublesome than the growing frequency of such attacks (and subsequent headlines) is the nature of the details behind them and the potential for greater data exposure, growing public distrust and more trouble ahead.
Here are just nine disturbing takeaways that we’ve gleaned from Symantec’s report:
1. Attackers are persistent and in it for the long-term
In 2015, a government organization or a financial company targeted once by attackers was most likely to be targeted again at least three more times throughout the year.
2. The public sector is increasingly vulnerable to spear-phishing attacks
Specialized spear-phishing schemes involve an attempt by a hacker to obtain confidential information about a user through fraudulent means, typically targeting an employee via email to gain access to an organization’s information. Although the finance industry is the most targeted, the transportation and public utilities sectors rank highest for their likelihood of being attacked at least once during the year.
3. Number of data breaches rises slightly, but mega-breaches reach record levels
While the total number of breaches rose by only two percent in 2015, the year saw nine mega-breaches, surpassing 2013’s record of eight breaches. By the end of the year, 191 million identities were exposed worldwide. But the true numbers are likely even higher, since the number of breaches reported without disclosing the full number of identities exposed increased by 85 percent.
4. Public administration ranks high for data breaches
There were nearly 28 million reported identities exposed within this sector, including at least 22 million in the Office of Personnel Management (OPM) breach alone.
5. Public trust is on the wane
Consumers and citizens are increasingly worried that their personal information is not safe. Symantec anticipates that this lack of trust will lead to a reluctance to share personal information and change online behavior.
6. The number of zero-day vulnerabilities grew significantly
The highest number of zero-day vulnerabilities (holes in software that are unknown to the vendor) was disclosed in 2015, more than double that of 2014. Or put another way, a new zero-day vulnerability was found every week (on average) in 2015. Discovering these vulnerabilities and finding ways to exploit them is a go-to technique for advanced attackers. Adobe Flash, Microsoft, and the Android operating system command particular attention from malicious developers.
7. IoT attacks emerging
With rapid growth comes the risk of vulnerabilities in devices and “things”. IoT devices often lack stringent security measures, and some attacks are able to exploit vulnerabilities in the underlying Linux-based operating systems found in several IoT devices and routers. Many issues stem from how securely vendors implemented mechanisms for authentication and encryption (or not).
8. Malware threats against Linux and Mac OS X are increasing
Apple OS X was targeted by a number of attacks last year, including a proof-of-concept ransomware threat called Mabouia – the first file-based ransomware threat against Mac OS X. The volume of Mac-targeted malware has also doubled since the start of 2015.
Although the overall volume is lower by comparison, the number of malware attacks against Linux has risen almost fourfold (a 286 percent increase) since the start of the year. In Q1, Symantec blocked approximately 1.3 attacks each day, rising to 5.2 attacks daily by the end of Q4.
9. The cloud and virtualized systems are not immune
In 2015, Symantec found that misconfiguration and poor management (by users, not cloud service providers) left cloud-hosted systems vulnerable to unauthorized access. Additionally, 11,000 publicly accessible files, some containing sensitive personal information, were unearthed. Stolen credentials for cloud-based systems are regularly traded on underground markets. Malware is also getting better at evading detection in virtualized environments and more sophisticated at exploiting and infecting other virtual machines on the same system.
It’s clear that more and more cyber-attacks are emerging, so it’s important for the public sector to remain vigilant and knowledgeable about existing and future threats. For more facts and measures you can take to reduce risks, download the full report here.