60% of all data breaches that exposed identities were due to hacking
Security giant Symantec’s new Internet Security Threat Report has revealed that web-based attacks are on the rise with attackers leveraging social engineering techniques to lure users to malicious websites.
The firm said that cybercriminals are utilising the abundance of personal information openly available on social networking sites to synthesize socially engineered attacks on key individuals within targeted companies.
Symantec said that attackers created new malicious code variants in an effort to evade detection by security software and it has identified more than 240 million distinct new malicious programs, a 100% increase over 2008. Web-based attacks that are targeted at PDF viewers accounted for 49% of observed web-based attacks, an increase of 11% compared to 2008.
The firm said that it has blocked an average of 100 potential attacks per second in 2009. The Sality.AE virus, the Brisv Trojan and the SillyFDC worm were the threats most frequently blocked by Symantec security software in 2009.
According to the report, 75% of enterprises surveyed experienced some form of cyber attack in 2009, while 60% of all data breaches that exposed identities were due to hacking. Spam made up 88% of all e-mail, with a high of 90.4% in May and a low of 73.7% in February.
Symantec also noted that maintaining a secure, patched system became more challenging than ever in 2009 and many users are failing to patch even very old vulnerabilities. The report found firm signs that malicious activity is now taking root in countries with an emerging broadband infrastructure, such as Brazil, India, Poland, Vietnam and Russia.
Stephen Trilling, senior vice president for security technology and response at Symantec, said: “Attackers have evolved from simple scams to highly sophisticated espionage campaigns targeting some of the world’s largest corporations and government entities.
“The scale of these attacks and the fact that they originate from across the world, makes this a truly international problem requiring the cooperation of both the private sector and world governments.”