Symantec recently analyzed data compiled from 57.6 million cyber attack throughout 157 countries and reached a bleak conclusion, describing 2014 as “…a year with far-reaching vulnerabilities, faster attacks, files held for ransom, and far more malicious code than in previous issues.”
In fact, the
Internet Security Threat Report (ISTR) discovered that not only did the number of breaches rise by 23%, but hackers are now shifting focus from identifying and attacking a vulnerability to exploiting one to make a network or system turn against itself.
ISTR also found:
- Defense is not keeping up with the speed of attacks, and hackers have learned to target “zero-day” vulnerabilities before victims can find or develop a patch
- Hackers often target small to medium-sized businesses since they lack the complex technological safeguards of larger corporations
- Cyberattackers are savvy, with experienced individuals imitating employee credentials, infecting organizations with legitimate-looking software that actually compromises the entire network and adopting email addresses to “spear-phish” other accounts of higher echelon companies
- 2014 witnessed 45 times the number of cyber ransomware victims that 2013 did
Canada is particularly at risk of these vulnerabilities. The country ranked number 4 in ransomware and attacks permeating social media last year. Ransomware refers to detrimental computer programs that shut down operations or prevent access to software until the owner meets a ransom demand.
“The fact is, it’s just a matter of time when you will be breached,” Alexander Rau, Symantec Canada’s national information security strategist, told
The Vancouver Sun.
What troubles many organizations isn’t just this inevitability, but the evolving severity of cyber threats. Many hackers are advanced enough to imitate employees or create scam software that seems official but actually maliciously extracts information from servers.
“Attackers don’t need to break down the door to a company’s network when the keys are readily available,” Kevin Haley, director, Symantec Security Response, said in a statement. “We’re seeing attackers trick companies into infecting themselves by Trojanizing software updates to common programs and patiently waiting for their targets to download them—giving attackers unfettered access to the corporate network.”
In Canada, the top threats in 2014 were:
- malicious code
- spam
- phishing hosts
- bots
The industries that were frequently targeted include public administration, services – professional and agricultural, forestry and fishing.
