3 Highlights from the 2015 Internet Security Threat Report

 In Cybersecurity News

Symantec, a leading provider of security products and solutions, has recently released its annual Internet Security Threat Report.  This is an exhaustive collection of data compiled by the Symantec Global Intelligence Network.   You can read the entire report here, but this post will outline some of the highlights of the report as they affect the small to midsize business IT realm.  Business leaders and IT managers will benefit from being informed of the rapidly evolving Internet security dangers that threaten the safety of their company’s data and their overall productivity.  According to the report, “60 percent of all targeted attacks struck small- and medium-sized organizations […] and many are still not adopting basic best practices.”

Here are some of the most alarming facts:

Ransomware attacks grew 113 percent in 2014, driven by more than a 4,000 percent increase in crypto-ransomware attacks

This statistic is simply stunning and should be a wake-up call for anyone who uses a computer, but especially those working with customer data or business-critical systems.  For example, a recent Cryptowall infection at one of our distribution industry clients crippled their order processing and other functions for the better part of a day, and were it not for the business continuity system we put in place several months earlier, the downtime would likely have doubled or tripled.  These types of attacks echo the more vicious and destructive viruses and worms of an earlier Internet age, like the Melissa virus and SoBig worm, but combined with an extortion component, making it much more nefarious.  Implementing web content filtering and antispam is important to help protect against these attacks, but a healthy dose of skepticism and proactive education of employees can make a huge difference in avoiding these attacks.

Symantec continued to see attacks against Point of Sales systems and mobile devices

Businesses can often neglect Point of Sales (POS) systems, because they are thought of as “unitaskers” and not full-fledged computing systems.  However, they are still connected to the main network of the business in most cases, and are thus vulnerable to the same threats with which a normal PC can be infected.  Also, many POS systems in small business are actually tablets and even smartphones.  Mobile devices are often neglected when it comes to IT management, which is not good practice considering the tremendous growth in mobile-targeted attacks.  For example, Symantec found that the total number of Android apps classified as malware grew from 700,000 in 2013 to 1 million in 2014.  That accounts for 17% of all Android apps in total.

Two industry verticals most targeted by spear-phishing – Manufacturing and Financial Services

The manufacturing and financial industries were targeted a disproportionately higher number of times than other businesses.  According to Symantec, manufacturing companies were hardest hit, with 20 percent of the total number of spear-phishing attacks, followed by nontraditional service companies and then the financial sector, with 18 percent of the total.  Spear-phishing is a specific type of e-mail fraud attack, which is more targeted, focusing on a specific group or organization.  Though in more high profile attacks, those targets were large corporations, it was common for entire business sectors to be in the crosshairs.  The selected victim can be a group of companies in the financial sector in NJ, for example.  Antispam is an important deterrent, but again, employee education and healthy suspicion is the most effective way to combat these types of attacks.

These three items merely scratch the surface of what Symantec has covered in the report.  I recommend that all IT managers, as well as business owners concerned about their IT security, read it.  Even if many of the statistics don’t specifically apply to you or your company, one thing is made very clear: Security threats are growing and changing all the time, and it is a good idea to gain a clear understanding of the many methods used by attackers to get to your data and systems.