WT Business Beat

By Nick Wakeman

Blog archive
Nick Wakeman

The growth and evolution of cyber threats

The numbers are big in Symantec’s latest Internet Security Threat Report:

  • New zero-day vulnerability reports grew 125 percent in 2015.
  • 430 million new unique pieces of malware were discovered.
  • 500 million personal records were stolen or lost.
  • 100 million fake technical support scams were blocked.

And that is just in the executive summary to the 21st annual edition of the report.

But something else also jumped out at me from the introduction: “Perhaps what is most remarkable is that these numbers no longer surprise us,” the company wrote in its executive summary.

Sadly, cybercrime has become part of our daily lives.

But there are some signs of hope. The total number of breaches fell from 312 in 2014 to 305 in 2015. The 2015 was still significantly higher than the 253 in 2013.

The average number of identities exposed per breach is 1.3 million, up from 1.1 million 2013 but still lower than the 2.2 million exposed in 2013. So, maybe we are getting a little better there.

The number of bots are down, the email phishing rate is improved.

But the nature of the threat is evolving. New mobile device vulnerabilities soared to 528 in 2015, compared to 168 in 2014.

Symantec says that cyber criminals are increasingly targeting smartphones and mobile devices and investing in the technology to carry out sophisticated attacks.

Of course, government agencies and contractors are under constant fire from persistent attacks as well as spear-phishing campaigns. Symantec found that a government agency that was attacked by a spear-phishing campaign once would likely be attacked at least three more times. Spear-phishing is an email that appears to be from a person or business you know, but it isn’t. The email tries to get you to reveal some sort of personal information. Small businesses are a frequent target.

Cyberattacks from criminals is now as sophisticated as those conducted by nation-states.

Symantec is recommending that IT departments become more proactive and not wait for support tickets or for a favored security tool to identify an issue.

“Security needs to start digging through the data proactively during non-breach response time,” the company wrote in its conclusion.

Cybersecurity often is referred to in medical terms – the computer virus for example. Symantec embraces this analogy and recommends going further.

“By being aware of just how many risks you face, you can reduce them, and learn how to recognize symptoms, and diagnose “digital diseases” before they put your data, and your customers’ data at risk,” the company wrote in the report.

To download the report, click here.

Posted by Nick Wakeman on Apr 13, 2016 at 11:24 AM


Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

I agree to this site's Privacy Policy.