Symantec warns businesses they must expect to be attacked

Symantec has released its latest Internet Security Threat Report (volume 20), complete with the usual eye-watering stats.

And the company made the point that it’s no longer a case of ‘if’ you might be attacked – it’s a case of ‘when’, and the quicker organisations start to think along those lines, the better.

Symantec found that no less than five out of every six large companies were targeted by cyber-attackers during 2014, which was up 40 per cent on 2013, a major leap. Attackers are developing techniques to infect firms via more stealthy ways like software updates.

Kevin Haley, director, Symantec Security Response, commented: “Attackers don’t need to break down the door to a company’s network when the keys are readily available. We’re seeing attackers trick companies into infecting themselves by Trojanising software updates to common programs and patiently waiting for their targets to download them – giving attackers unfettered access to the corporate network.”

Last year also saw a record set when it comes to zero-day vulnerabilities, with 24 discovered, and companies failing to act quickly to patch problems. The average patch time being 59 days, in fact – a massive increase from four days back in 2013. That’s an incredible delay to fix things, especially when you consider that with flaws like Heartbleed, attackers were on the case exploiting within four hours of discovery.

Be warned that targeted spear phishing (crafted phishing attacks that are personalised to be more likely to fool the recipient) were also on the up, and used to successfully bust open corporate networks – they were up 8 per cent over 2014.

Ransomware also witnessed a major increase, more than doubling last year, and of course social media remained a popular vehicle for malware peddlers. Haley noted: “Cybercriminals are inherently lazy; they prefer automated tools and the help of unwitting consumers to do their dirty work. Last year, 70 per cent of social media scams were shared manually, as attackers took advantage of people’s willingness to trust content shared by their friends.”