Report points to increase in 2014 cyber attacks; what should you do?

The problem with cybersecurity is that when organizations are finally ready for an attack, the threat has likely already evolved and defenses are no longer what they need to be to prevent an attack.

According to a recent Symantec report—the Internet Security Threat Report—the government public sector experienced 26 breaches and seven million exposed identities, a number that is 23 percent higher than the number of breaches in 2013.

In 2013, the average response time to a cyber attack was four days, the report said. That meant that it took organizations an average of four days to launch a patch that fixed the breach in question. In 2014, however, it took 204 days, 22 days and 53 days for vendors to provide a patch for the top three most exploited vulnerabilities, the report said.

The number of phishing attacks decreased 14 percent from 2013, but the number of highly-targeted spear-phishing attacks increased eight percent. Attackers are getting trickier. 2014 saw the appearance of “Trojanized” software updates, the Symantec report said, where attackers identified common software programs used by target organizations, hid their malware inside software updates for those programs, and then waited for their targets to install that software.

Their targets varied as well: five out of six large companies—those with more than 2,500 employees—were targeted with spear-phishing attacks, a 40 percent increase over 2013. Small and medium-sized business attacks also increased by 26 percent and 30 percent.

Internet of Things remains an issue since many different devices, some of which record personal information like wearable devices, are connected together, with the breach of one meaning the breach of them all, the report said.

The report was not all doom and gloom, however. Symantec recommends in its report a number of best practices for consumers and website owners, including directions like updating your system and virus software regularly, educate yourself on scareware tactics, and take a number of extra precautions to guard your personal data.

The company also in its report emphasizes the use of five controls—in addition to many more—in particular to establish a foundation of security.

These five controls are:

• Take an inventory of authorized and unauthorized devices and maintain an up-to-date inventory, thereby reducing the ability of hackers to find and exploit unprotected systems.
• Do the same thing with authorized and unauthorized software to root out attacks.
• Secure configurations for hardware and software on all computers and servers, thereby preventing attackers from exploiting services and settings that allow easy access through networks and browsers.
• Have continuous vulnerability assessment and remediation by running regular automated vulnerability scans against all systems.
• Use automated antivirus and anti-spyware software continuously monitor and protect your infrastructure.

The full report can be found here.