Cybercrime Increases As Crooks Get AI Smarter

Uploaded on 2016-04-26 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Symantec's 2016 Internet Security Threat Report (ISTR) reveals that the year 2015 saw an increase in hacking numbers and smarter attacks.

The report concludes that, each week, a new zero-day vulnerability was discovered; stolen or lost records were estimated to be around half a billion; about three-quarters of websites were found to have vulnerabilities; employees targeted by spear-phishing campaigns saw a 55 percent increase in occurrence; ransomware attacks increased to 35 percent; and the number of fake technical support scams prevented reached about 100 million instances.

And these are just the recorded facts.

Hackers are getting so much craftier and smarter that victims don't even realize that they're under attack. Attacks have become more, subtle and even stealthier. Users are lucky if they catch the attack, but those unaware of threats often suffer major damages in properties.

In 2015, a new zero-day vulnerability was discovered each week, totaling 54 vulnerabilities, more than double the number back in 2014. These attacks are possible because of vulnerabilities found in programs that hackers exploit even before developers can come up with a patch.

The Case of Adobe

Four out of the five most exploited apps were on Flash Player. Adobe comments in an interview that, to avoid such attacks, users should always update their system to the latest patch.

The company believes that, since Flash Player is installed in every system, it's the target of most zero-day vulnerability attacks. Adobe assures users that, once an attack is detected, the company is quick to respond and rolls out a patch in a matter of days. It's now up to the user to make sure that they protect themselves.

Symantec found that breached companies would sometimes withhold information and not release the full report of attacks on their system. As such, not only were there 429 million records hackers mined from vulnerable companies, but more than half a billion could have been compromised, as estimated in the ISTR.

Staying Alert Against Recurring Attacks

Three-quarters of websites were found to be vulnerable to attacks as well. To this day, 75 percent of legitimate web companies have vulnerabilities in their system, putting online users at risk. Hackers can infect a trusted website which, when logged into, would spread the infection to unsuspecting users.

Symantec's ISTR detailed how "web administrators struggle to stay current on patches," allowing millions of attacks against Netizens every day. Experts warn that, if a first attack is prevented, companies should still stay alert for recurring attacks in the future. The ISTR found that most hackers who are fixated on hacking a particular system will not easily give up and will retry at a later date.

Forms of Cyber Attack

Particular strands of these attacks used ransomware to extort money from companies. Ransomware is a malware infection that encrypts a system's date then demands ransom from affected parties to supposedly "decrypt" the files.

Hackers would also reportedly disguise themselves as tech support specialists who help clean out a system for malware infection. In reality, however, these supposed experts would be disabling virus protection, updates, and notifications, thereby increasing vulnerabilities in a system. Symantec blocked 100 million of these attacks in 2015.

Symantec predict that, in the year 2020, the risk of attacks could grow to 20.8 billion against "internet-connected" things.

TechTimes: http://bit.ly/1pp9Ko1

« On the Brink of Cyber War…
How To Deal With The Rising Tide Of Ransomware »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Security Mentor

Security Mentor

Security Mentor provides innovative, online security awareness training designed for how people learn and work.

Northbridge Insurance

Northbridge Insurance

Northbridge is a leading Canadian business insurance provider. Services offered include Cyber Risk insurance.

RedLock

RedLock

The RedLock Cloud 360TM platform correlates disparate security data sets to provide a unified view of risks across fragmented cloud environments.

SKOUT Secure Intelligence

SKOUT Secure Intelligence

SkOUT Secure Intelligence (formerly Oxford Solutions) provides cyber security monitoring services to organizations around the globe.

Cyber Security Austria (CSA)

Cyber Security Austria (CSA)

Cyber Security Austria (CSA) is an independent non-profit association with the aim to address security issues in the area of IT/cyber security of critical/strategic infrastructures in Austria.

Anglo African

Anglo African

Anglo African is an information technology firm providing end-to-end solutions to different industries, from IT Infrastructure to DataCom as well as Cloud & InfoSec services.

iONLINE

iONLINE

iONLINE delivers high quality IT services and solutions to businesses in Azerbaijan.

Neurosoft

Neurosoft

Neursoft is a fully integrated ICT company with Software Development, System Integration and Information Technology Security capabilities.

Deceptive Bytes

Deceptive Bytes

Deceptive Bytes provides an Active Endpoint Deception platform that dynamically responds to attacks as they evolve and changes their outcome.

Cybersecure Policy Exchange (CPX)

Cybersecure Policy Exchange (CPX)

Cybersecure Policy Exchange is a new initiative dedicated to advancing effective and innovative public policy in cybersecurity and digital privacy.

Trustify

Trustify

Trustify is a Managed Security Service Provider offering a suite of world-class Cyber Risk Management services.

Commonwealth Cyber Initiative (CCI)

Commonwealth Cyber Initiative (CCI)

The Commonwealth Cyber Initiative is establishing Virginia as a global center of excellence at the intersection of security, autonomous systems, and data.

Intersistemi Italia

Intersistemi Italia

Intersistemi is a leading Italian company in the field of information technology integration and digital transformation including cybersecurity.

Cyber Management Alliance

Cyber Management Alliance

Cyber Management Alliance is closing the divide in cyberspace by bringing together the best qualities of thought leadership and operational mastery of cyber security management.

Redinent Innovations

Redinent Innovations

Redinent is a cutting-edge IoT Security platform that offers precise security posture analysis and delivers actionable intelligence, empowering businesses to operate with unrivaled resilience.

Xeliumtech Solutions

Xeliumtech Solutions

Xeliumtech Solutions are a Digital Transformation partner with quality offerings in Mobile App Development, Ecommerce, Devops, RPA, AI, IoT development, Cybersecurity and more.