Cybercrime Increases As Crooks Get AI Smarter

Symantec's 2016 Internet Security Threat Report (ISTR) reveals that the year 2015 saw an increase in hacking numbers and smarter attacks.

The report concludes that, each week, a new zero-day vulnerability was discovered; stolen or lost records were estimated to be around half a billion; about three-quarters of websites were found to have vulnerabilities; employees targeted by spear-phishing campaigns saw a 55 percent increase in occurrence; ransomware attacks increased to 35 percent; and the number of fake technical support scams prevented reached about 100 million instances.

And these are just the recorded facts.

Hackers are getting so much craftier and smarter that victims don't even realize that they're under attack. Attacks have become more, subtle and even stealthier. Users are lucky if they catch the attack, but those unaware of threats often suffer major damages in properties.

In 2015, a new zero-day vulnerability was discovered each week, totaling 54 vulnerabilities, more than double the number back in 2014. These attacks are possible because of vulnerabilities found in programs that hackers exploit even before developers can come up with a patch.

The Case of Adobe

Four out of the five most exploited apps were on Flash Player. Adobe comments in an interview that, to avoid such attacks, users should always update their system to the latest patch.

The company believes that, since Flash Player is installed in every system, it's the target of most zero-day vulnerability attacks. Adobe assures users that, once an attack is detected, the company is quick to respond and rolls out a patch in a matter of days. It's now up to the user to make sure that they protect themselves.

Symantec found that breached companies would sometimes withhold information and not release the full report of attacks on their system. As such, not only were there 429 million records hackers mined from vulnerable companies, but more than half a billion could have been compromised, as estimated in the ISTR.

Staying Alert Against Recurring Attacks

Three-quarters of websites were found to be vulnerable to attacks as well. To this day, 75 percent of legitimate web companies have vulnerabilities in their system, putting online users at risk. Hackers can infect a trusted website which, when logged into, would spread the infection to unsuspecting users.

Symantec's ISTR detailed how "web administrators struggle to stay current on patches," allowing millions of attacks against Netizens every day. Experts warn that, if a first attack is prevented, companies should still stay alert for recurring attacks in the future. The ISTR found that most hackers who are fixated on hacking a particular system will not easily give up and will retry at a later date.

Forms of Cyber Attack

Particular strands of these attacks used ransomware to extort money from companies. Ransomware is a malware infection that encrypts a system's date then demands ransom from affected parties to supposedly "decrypt" the files.

Hackers would also reportedly disguise themselves as tech support specialists who help clean out a system for malware infection. In reality, however, these supposed experts would be disabling virus protection, updates, and notifications, thereby increasing vulnerabilities in a system. Symantec blocked 100 million of these attacks in 2015.

Symantec predict that, in the year 2020, the risk of attacks could grow to 20.8 billion against "internet-connected" things.

TechTimes: http://bit.ly/1pp9Ko1

« On the Brink of Cyber War…
How To Deal With The Rising Tide Of Ransomware »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Information Security Systems (ISSCOM)

Information Security Systems (ISSCOM)

ISSCOM provide services to help companies implement Information Security Management Systems (ISMS) by providing consultancy and hands-on assistance.

Regulus Cyber

Regulus Cyber

Regulus enables drones, robots and autonomous vehicles to operate safely, without malicious or accidental interference to the operation of their mission.

Versa Networks

Versa Networks

Versa is a software-defined networking vendor providing an end-to-end solution that both simplifies and secures the WAN/branch office network.

Silverskin Information Security

Silverskin Information Security

Silverskin is a cyber attack company that specializes in having knowledge of the attacker's mindset to identify vulnerabilities and build effective and persistent defences.

ThreatSpike Labs

ThreatSpike Labs

ThreatSpike Labs provides the first end-to-end fully managed security service for companies of all sizes.

STM

STM

STM provides system engineering, technical support, project management, technology transfer and logistics support services for the Turkish Armed Forces.

Switchfast Technologies

Switchfast Technologies

Switchfast Technologies is an IT consulting and managed services provider, offering IT support and consulting to Chicagoland small businesses.

GuardDog.ai

GuardDog.ai

guardDog.ai has developed a cloud-based software service with a companion device that work together to simplify network security.

Periculus

Periculus

Periculus makes managing digital risk simple. Its integrated platform offers access to purchase cyber insurance and cyber security solutions uniquely tailored to fit the needs of every business.

Responsive Technology Partners

Responsive Technology Partners

Responsive Technology Partners provides superior IT support services including cybersecurity and compliance, telephony, cloud services, cabling, access control, and camera systems.

Google Cloud

Google Cloud

Accelerate your digital transformation. Whether your business is early in its journey or well on its way to digital transformation, Google Cloud can help solve your toughest challenges.

Anura

Anura

The world’s most accurate ad fraud solution protects your web assets by eliminating bots, malware and human fraud, ensuring your content is seen by real people.

Seven AI

Seven AI

Seven AI develops cyber security software designed to identify online threats.

Tyto Athene

Tyto Athene

At Tyto Athene, we harness the power of technology to provide solutions that shape the future.

TisOva

TisOva

TisOva is an innovative cybersecurity startup dedicated to addressing the growing issue of online scams targeting students.

Elixirr

Elixirr

Elixirr is an award-winning global consulting firm working with clients across a diverse range of markets, industries and geographies.