Cybersecurity organisation, Symantec has released its Internet Security Threat Report (ISTR) vol 21. for 2015. The report reveals an alarming situation for Indian businesses as cyber criminals go through an organizational shift establishing themselves as professional businesses and adopting corporate best practices to increase the efficiency of their attacks against enterprises and consumers.
This new class of professional cyber criminal spans the entire ecosystem of attackers, extending the reach of enterprise and consumer threats and fueling the growth of online crime.
Advanced criminal attack groups now echo the skill sets of nation-state attackers. They have extensive resources and a highly-skilled technical staff that operate with such efficiency that they maintain normal business hours and even take the weekends and holidays off.
said Tarun Kaura, Director –Solution Product Management for Asia Pacific and Japan, Symantec.
He further added,
We are even seeing low-level criminal attackers create call center operations to increase the impact of their scams.
According to the report, globally in 2015, the number of zero-day vulnerabilities discovered more than doubled to 54, a 125 percent increase from the year before.
In other words, a new zero-day vulnerability was found every week (on average) in 2015. Meanwhile, malware increased at a staggering rate with 430 million new malware variants discovered in 2015.
Additionally, data breaches continue to affect governments and organisations as 2015 witnessed the largest data breach ever publicly reported with 191 million records compromised in a single incident.
There was also a record-setting total of nine reported mega-breaches. While 429 million identities were exposed, the number of companies that chose not to report the number of records lost jumped by 85 percent.
And due to a young demographic, millions of mobile connections, rapid adoption of cloud and increasing integration of ICT in critical infrastructure, India continues to be a top source as well as the destination of cyber attacks.
Although India witnessed a steady decrease in the amount of spam as it ranked at 18th position as a source of spam from 6th rank in 2014, it continues to rank as the third top source of overall malicious activity including spam, malware, phishing hosts and bots, etc.
In 2015, Indian organizations were the 6th most targeted in Asia, with targeted organizations on the receiving end of two attacks on an average. Organizations in the public utilities and financial sector that were targeted once were most likely to be targeted again at least two times more throughout the year.
Mining was the highest risk prone sector, where one out of two companies was attacked at least once last year. 40 percent of BFSI businesses were also attacked at least once.
In fact, over the last three years India has gradually moved up the rankings to rank #3 in 2015 (after rank #7 – 2013; #5– 2014) for most financial Trojan infections globally.
Furthermore, unlike previous years, it’s not just Fortune 500 companies and nation states, at risk of having IP stolen. The last five years have seen a steady increase in attacks targeting businesses with less than 250 employees.
In 2015, over one in two attacks (52 percent) were aimed at small businesses in India, proving that companies of all sizes are at risk.
The more aggressive crypto-ransomware attack that encrypts all of a victim’s digital content and holds it hostage until a ransom is paid, also grew by 35 percent globally.
This year, ransomware spread beyond PCs to smartphones, Mac and Linux systems, with attackers increasingly seeking any network-connected device that could be held hostage for profit, indicating that the enterprise is the next target.
India is the second most favoured destination for Ransomware in Asia with the average number of attacks per day increasing 114 percent to 15 attacks per hour. Almost 10 percent of these attacks were crypto-ransomware- posing a threat to consumers and enterprises alike.
Social media scams also continued to hit India in 2015 as India witnessed a 156 percent increase in the percentage of social media scams. Every sixth scam impacted an Indian, making it the most targeted country in Asia and second in the world.
A whopping 94 percent of these scams were spread through manual sharing, proving India’s burgeoning social media population remains a favored target of scammers, as they seek to leverage the trust people have in their own social circles to spread scams, fake links, and phishing.
The report also revealed that cyber criminals have begun to increasingly focus on using the intersection of the physical and digital world to their advantage.
In 2015, cybercriminals revisited fake technical support scams, which saw a 200 percent increase globally. With close to 5, 00,000 attacks last year, India ranked 11 amongst countries targeted the most by tech support scams.
The difference now is that scammers send fake warning messages to devices like smartphones to prompt people to call attackers directly in order to dupe them into buying useless services or even install malware.
Amidst these increasing attacks, there are many steps businesses and consumers can take to protect themselves. As a starting point, Symantec recommends the following best practices:
Using advanced threat and adversary intelligence solutions to help you find indicators of compromise and respond faster to incidents.
Implement multi-layered endpoint security, network security, encryption, strong authentication and reputation-based technologies. Partner with a managed security service provider to extend your IT team.
Preparing for the worst through incident management that ensures your security framework is optimized, measurable and repeatable, and that lessons learned improve your security posture. Consider adding a retainer with a third-party expert to help manage crises.
Provide ongoing education and simulation-based training for all employees and issuing guidelines and procedures for protecting sensitive data on personal and corporate devices.
Regularly assessing internal investigation teams—and running practice drills—to ensure you have the skills necessary to effectively combat cyber threats.
Use strong passwords and change your passwords every three months and never reuse your passwords.
Never view, open, or copy email attachments unless you are expecting the email and trust the sender.
Use an internet security solution that includes antivirus, firewalls, browser protection and proven protection from online threats.
Be wary of scareware tactics: Versions of software that claim to be free, cracked or pirated can expose you to malware. Social engineering and ransomware attacks will attempt to trick you into thinking your computer is infected and get you to buy useless software or pay money directly to have it removed.
Limit the amount of personal information you share on social networks and online, including login information, birth dates and pet names.