Cybercrime Increases As Crooks Get AI Smarter

Symantec's 2016 Internet Security Threat Report (ISTR) reveals that the year 2015 saw an increase in hacking numbers and smarter attacks.

The report concludes that, each week, a new zero-day vulnerability was discovered; stolen or lost records were estimated to be around half a billion; about three-quarters of websites were found to have vulnerabilities; employees targeted by spear-phishing campaigns saw a 55 percent increase in occurrence; ransomware attacks increased to 35 percent; and the number of fake technical support scams prevented reached about 100 million instances.

And these are just the recorded facts.

Hackers are getting so much craftier and smarter that victims don't even realize that they're under attack. Attacks have become more, subtle and even stealthier. Users are lucky if they catch the attack, but those unaware of threats often suffer major damages in properties.

In 2015, a new zero-day vulnerability was discovered each week, totaling 54 vulnerabilities, more than double the number back in 2014. These attacks are possible because of vulnerabilities found in programs that hackers exploit even before developers can come up with a patch.

The Case of Adobe

Four out of the five most exploited apps were on Flash Player. Adobe comments in an interview that, to avoid such attacks, users should always update their system to the latest patch.

The company believes that, since Flash Player is installed in every system, it's the target of most zero-day vulnerability attacks. Adobe assures users that, once an attack is detected, the company is quick to respond and rolls out a patch in a matter of days. It's now up to the user to make sure that they protect themselves.

Symantec found that breached companies would sometimes withhold information and not release the full report of attacks on their system. As such, not only were there 429 million records hackers mined from vulnerable companies, but more than half a billion could have been compromised, as estimated in the ISTR.

Staying Alert Against Recurring Attacks

Three-quarters of websites were found to be vulnerable to attacks as well. To this day, 75 percent of legitimate web companies have vulnerabilities in their system, putting online users at risk. Hackers can infect a trusted website which, when logged into, would spread the infection to unsuspecting users.

Symantec's ISTR detailed how "web administrators struggle to stay current on patches," allowing millions of attacks against Netizens every day. Experts warn that, if a first attack is prevented, companies should still stay alert for recurring attacks in the future. The ISTR found that most hackers who are fixated on hacking a particular system will not easily give up and will retry at a later date.

Forms of Cyber Attack

Particular strands of these attacks used ransomware to extort money from companies. Ransomware is a malware infection that encrypts a system's date then demands ransom from affected parties to supposedly "decrypt" the files.

Hackers would also reportedly disguise themselves as tech support specialists who help clean out a system for malware infection. In reality, however, these supposed experts would be disabling virus protection, updates, and notifications, thereby increasing vulnerabilities in a system. Symantec blocked 100 million of these attacks in 2015.

Symantec predict that, in the year 2020, the risk of attacks could grow to 20.8 billion against "internet-connected" things.

TechTimes: http://bit.ly/1pp9Ko1

« On the Brink of Cyber War…
How To Deal With The Rising Tide Of Ransomware »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Zybert Computing

Zybert Computing

Zybert Computing provide server solutions with built-in security and information protection features for the SME market.

Davis Wright Tremaine (DWT)

Davis Wright Tremaine (DWT)

Davis Wright Tremaine is a full-service law firm with offices throughout the US and in Shanghai, China. Practice areas include Technology, Privacy & Security.

Cristie Data

Cristie Data

Cristie have been a trusted, innovative and leading edge data storage, backup and virtualisation solutions provider across all sectors of industry for over 40 years.

CGI Group

CGI Group

CGI is a leading IT and business process services provider. Services include IT consulting, Systems Integration, Application Development, Infrastructure, Business Processes, Digital IP.

CSO GmbH

CSO GmbH

CSO GmbH provide specialist consultancy services in the area of IT security.

Digital Arts

Digital Arts

Digital Arts provides internet security software and appliance products for companies and individuals.

Sapien Cyber

Sapien Cyber

Sapien Cyber is an Australian company bringing leading-edge cyber security and threat intelligence solutions.

Portuguese Institute for Accreditation (IPAC)

Portuguese Institute for Accreditation (IPAC)

IPAC is the national accreditation body for Portugal. The directory of members provides details of organisations offering certification services for ISO 27001.

Maven Technologies

Maven Technologies

Maven Technologies specialize in secure data destruction, electronics recycling, asset management, and highly detailed reporting.

Skudo

Skudo

Skudo is dedicated to creating innovative best-in-class solutions that protect data exchange with the highest level of security and privacy.

CyberLab

CyberLab

CyberLab (formerly Chess) is a specialist cyber security company that provides a wide range of security solutions and services.

Polestar Industrial IT

Polestar Industrial IT

Polestar work on both sides of the IT & OT divide. Network, Data & Asset Security is our priority. Polestar installations are robust and resilient and comply with the appropriate security.

StrongBox IT

StrongBox IT

Strongbox IT provides solutions to secure web applications and infrastructure.

Ironblocks

Ironblocks

Ironblocks is a pioneering cybersecurity firm that specializes in delivering comprehensive, end-to-end security solutions for the rapidly evolving Web3 ecosystem.

aFFirmFirst

aFFirmFirst

aFFirmFirst is a unique software solution offering a simple yet effective way for businesses to protect and control their online images and logo, as well as allowing one-click website verification.

Entitle

Entitle

Entitle's SaaS-based platform automates how permissions are managed, enabling organizations to eliminate bottlenecks and implement robust cloud least privilege access.