Symantec released their annual Internet Security Threat Report (the Symantec Report) last week (available at http://www.symantec.com/security_response/publications/threatreport.jsp) and it makes for alarming reading. The risk of cyberattack is one that has been brought to the forefront of popular consciousness by the devastating cyberattacks on Sony Pictures Entertainment in 2014 and the Symantec Report shows that 2014 saw a worryingly exponential increase in the number, severity and sophistication of such attacks.
A noticeable theme throughout the Symantec Report is that cybercriminals are becoming more sophisticated and daring and this can be seen in particular by the fact that there were 45 times more victims of crypto-ransomware attacks than in 2013. A crypto-ransomware attack is where an attacker holds a company or individual's files hostage (denying access to the owner of the file) until payment is made to the attacker for their release.
Some other noteworthy trends that are highlighted in the Symantec Report are as follows:
- Advanced attackers attacked 5 out of 6 large companies in 2014 – this is a 40% increase over the year before;
- 60% of all targeted attacks struck small and medium sized organizations;
- There were more than 317 million new pieces of malware created in 2014 – that means nearly one million new pieces of malware were released onto the internet every day in 2014;
- 70% of social media scams were shared manually by unwitting or duped users of the affected social media platforms.
The increase in the number of attempted and actual cybersecurity breaches as outlined in the Symantec Report together with the negative impact on reputation and the resulting financial cost and resources needed to respond to an incident has made cybersecurity a key priority for companies across all sectors and industries.