Symantec Internet Security Threat Report on evolution of cyber menaces

Symantec has issued The Internet Security Threat Report, a document which provides an overview and analysis of global threat evolution in 2013.

Security experts are observing a significant increase in the number of targeted cyber-attacks, it has been estimated that the growth is by 91 per cent in 2013 respect previous year, but most concerning is the fact that their duration is increasing too. Each targeted attack lasted three times longer than in 2012, according to an industry report. Symantec has recently released its 2014 Internet Security Threat Report (ISTR), which propose an analysis of the techniques adopted by cybercriminals to conduct sophisticated, as dangerous, cyberattacks.

“In 2013 much attention was focused on cyber-espionage, threats to privacy and the acts of malicious insiders. However the end of 2013 provided a painful reminder that cybercrime remains prevalent and that damaging threats from cybercriminals continue to loom over businesses and consumers. Eight breaches in 2013 each exposed greater than 10 million identities, targeted attacks increased and end-user attitudes towards social media and mobile devices resulted in wild scams and laid a foundation for major problems for endusers and businesses as these devices come to dominate our lives.” states the report in which last year is defined as “The Year of Mega Breach” because the total number of data breaches in passed from 62 per cent to 253.

The industries that most of all are exposed to cyber attacks are the energy (oil and gas) and manufacturing industries, both included in the category named “mining”, Internet Security Threat Report also highlighted that the most targeted attacks last year were against the governments and the services industry.

Very Interesting is the data related Spear phishing attacks, a common practiced adopted by criminals and state-sponsored hackers to steal sensitive information and intellectual properties. Trade secrets were stolen principally from large organizations and SMEs, large enterprises were hit by 39 per cent of attacks compared to 50 per cent in 2012.

Do not be fooled from the previous image, press-ups are based on a disturbing finding, the duration of the spear phishing campaigns has increased, the attacks were characterized by a greater intensity

“prolonging the duration over which a campaign may last, rather than intensifying the attacks in one or two days as had been the case previously. Consequently, the number of attacks seen each day has fallen and other characteristics of these attacks suggest this may help to avoid drawing attention to an attack campaign that may be underway.”

I jumped to the section dedicated to web based attacks noting that once again patch management represent a serious problem for website managers, 1 in 8 websites analyzed by Symantec had critical unpatched vulnerabilities that could be easily exploited by attackers. The number of new vulnerabilities increase by 28 percent respect 2012 and SSL and TLS protocol renogotiation vulnerabilities were most commonly exploited. Symantec counted 23 zero-day vulnerabilities, 5 of which affacted Java platforms.

Other ideas are related to the increase in the number of ransomware (+500%) and attacks against devices on the Internet of Things.

“While the benefit to attackers of compromising these devices may not be immediately clear and there is still a lot of hype, the risk is real. Internet of Thing (IoT) devices will become access points for targeted attackers and become bots for cyber-criminals,” states the report referring the attacks which targeted devices including routers, baby monitors and security cameras.”

I suggest you to read the Internet Security Threat Report, it is full of interesting stuff, following its key findings: