Symantec’s Internet Security Threat Report (ISTR), Volume 21, reveals an organizational shift by cybercriminals: They are adopting corporate best practices and establishing professional businesses in order to increase the efficiency of their attacks against enterprises and consumers. This new class of professional cybercriminal spans the entire ecosystem of attackers, extending the reach of enterprise and consumer threats and fueling the growth of online crime.
“Advanced criminal attack groups now echo the skill sets of nation-state attackers. They have extensive resources and a highly-skilled technical staff that operate with such efficiency that they maintain normal business hours and even take the weekends and holidays off,” said Tarun Kaura, Director –Solution Product Management for Asia Pacific and Japan, Symantec. “We are even seeing low-level criminal attackers create call center operations to increase the impact of their scams.”
Advanced professional attack groups are the first to leverage zero-day vulnerabilities, using them for their own advantage or selling them to lower-level criminals on the open market where they are quickly commoditized. In 2015, the number of zero-day vulnerabilities discovered more than doubled to a record-breaking 54, a 125 percent increase from the year before, reaffirming the critical role they play in lucrative targeted attacks. Meanwhile, malware increased at a staggering rate with 430 million new malware variants discovered in 2015. The sheer volume of malware proves that professional cybercriminals are leveraging their vast resources in attempt to overwhelm defenses and enter corporate networks.
Data breaches continue to impact the enterprises and even governments. Additionally, we saw the largest data breach ever publicly reported last year with 191 million records compromised in a single incident. There were also a record-setting total of nine reported mega-breaches. While 429 million identities were exposed, the number of companies that chose not to report the number of records lost jumped by 85 percent. A conservative estimate by Symantec of those unreported breaches pushes the real number of records lost to more than half a billion.
With a young demographic, millions of mobile connections, rapid adoption of cloud and increasing integration of ICT in critical infrastructure; India continues to be a top source as well as destination of cyber attacks. Once considered the spam capital of the world, India has seen a steady decrease in the amount of spam originating from its borders. After ranking 6th in 2014, India now ranks 18th as a source of spam. However, it continues to rank as the third top source of overall malicious activity including spam, malware, phishing hosts and bots, etc.
While there is much to be learned from this comprehensive view into the threat landscape, below are a few trends that showcase the sophistication and ruthlessness of cybercriminals in 2015
“The Symantec Internet Security Threat Report reveals just how lucrative India is for cybercriminals. In fact, India is the second most favoured destination for Ransomware in Asia with the average number of attacks per day increasing 114 percent to 15 attacks per hour. Almost 10 percent of these attacks were crypto-ransomware- posing a threat to consumers and enterprises alike,” said Kaura.
In 2015, India witnessed a 156 percent increase in the percentage of social media scams. Every sixth scam impacted an Indian, making it the most targeted country in Asia and second in the world. A whopping 94 percent of these scams were spread through manual sharing, proving India’s burgeoning social media population remains a favored target of scammers, as they seek to leverage the trust people have in their own social circles to spread scams, fake links, and phishing.