NEWS
Symantec releases Internet Security Threat Report, Volume 22
By VARINDIA - 2017-04-27
Symantec has released Internet Security Threat Report (ISTR) – Volume 22. According to this report, cybercriminals revealed levels of ambition in 2016 – a year marked by extraordinary attacks, including multimillion dollar virtual bank heists and overt attempts to disrupt the U.S. electoral process by state-sponsored groups.
“New sophistication and innovation are the nature of the threat landscape, but this year Symantec has identified seismic shifts in motivationand focus,” said Tarun Kaura, Director – Solution Product Management – for Asia-Pacific & Japan, Symantec. “The world saw specificnation states double down on political manipulation and straight sabotage. Meanwhile, cybercriminals caused unprecedented levels of disruption by focussing their exploits on relatively simple IT tools and cloud services.”
Symantec’s ISTR provides a comprehensive view of the threat landscape, including insights into global threat activity, cybercriminal trends and motivations for attackers. The key highlights include:
Cybercriminals are executing politically devastating attacks in a move to undermine a class of targets. Cyber-attacks against the U.S. Democratic Party and the subsequent leak of stolen information reflect a trend toward criminals employing highly-publicized, overt campaigns designed to destabilize and disrupt targeted organizations and countries. While cyber attacks involving sabotage have traditionally been quite rare, the perceived success of several campaigns – including the U.S. election and Shamoon – point to a growing trend to criminals attempting to influence politics and sow discord in other countries.
A breed of attackers revealed major financial ambitions, which may be an exercise to help fund other covert and subversive activities. Today, the largest heists are carried out virtually, with billions of dollars stolen by cybercriminals. While some of these attacks are the work of organized criminal gangs, for the first time nation states appear to be involved as well. Symantec uncovered evidence linking North Korea to attacks on banks in Bangladesh, Vietnam, Ecuador and Poland.
In 2016, Symantec saw cybercriminals use PowerShell installed on PCs, and Microsoft Office files as weapons. While system administrators may use these common IT tools for daily management tasks, cybercriminals increasingly used this combination for their campaigns as it leaves a lighter footprint and offers the ability to hide in plain sight. Due to the widespread use of PowerShell by attackers, 95 per cent of PowerShell files seen by Symantec in the wild were malicious.
The use of email as an inflection point becoming a weapon of choice for cybercriminals and a dangerous threat to users. Symantec found one in 131 emails contained a malicious link or attachment – the highest rate in five years.
Symantec identified over 100 new malware families released into the wild, more than triple the amount seen previously, and a 36-per cent increase in ransomware attacks worldwide.
However, the United States is firmly in the crosshairs of attackers as the number-one targeted country. Symantec found 64 per cent of American ransomware victims are willing to pay a ransom, compared to 34 percent globally. Unfortunately, this has consequences. In 2016, the average ransom spiked 266 per cent with criminals demanding an average of $1,077 per victim up from $294 as reported for the previous year.
A growing reliance on cloud services has left organizations open to attacks. Tens of thousands of cloud databases from a single provider were hijacked and held for ransom in 2016 after users left outdated databases open on the internet without authentication turned on.
Cloud security continues to challenge CIOs. According to Symantec data, CIOs have lost track of how many cloud apps are used inside their organizations. When asked, most assume their organizations use up to 40 cloud apps when in reality the number nears 1,000. This disparity can lead to a lack of policies and procedures for how employees access cloud services, which in turn makes cloud apps riskier. These cracks found in the cloud are taking shape. Symantec predicts that unless CIOs get a firmer grip on the cloud apps used inside their organizations, they will see a shift in how threats enter their environment.
See What’s Next in Tech With the Fast Forward Newsletter
SOFTWARE
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.