Attackers switch tactics to gain access to corporate networks
In the current information security climate, it seems that falling victim to some form of cyber attack is just a matter of time. If you haven't been hit yet, chances are you will be soon.
The latest Internet Security Threat Report from Symantec shows that five out of six large companies were targeted in 2014, a 40 percent increase over the previous year, and that attackers are shifting their tactics when targeting corporations.
Networks continue to be breached using highly-targeted spear-phishing attacks, which increased a total of eight percent in 2014, confirming the findings of another report today. Over the last year the precision of these attacks has increased: attackers used 20 percent fewer emails to successfully reach their targets and incorporated more drive-by malware downloads and other web-based exploits.
Symantec has also observed attackers using stolen email accounts from one corporate victim to spear-phish other victims higher up the company chain. Attackers have been taking advantage of companies' management tools and procedures to move stolen intellectual property around the corporate network before exporting it. The report also reveals attackers building custom attack software inside the networks of their victims to disguise their activities.
"Attackers don't need to break down the door to a company's network when the keys are readily available," says Kevin Haley, director of Symantec Security Response. "We're seeing attackers trick companies into infecting themselves by Trojanizing software updates to common programs and patiently waiting for their targets to download them -- giving attackers unfettered access to the corporate network".
Although email remains a popular source of attack, criminals are increasingly experimenting with other methods using mobile devices and social media. "Cybercriminals are inherently lazy; they prefer automated tools and the help of unwitting consumers to do their dirty work," adds Haley. "Last year, 70 percent of social media scams were shared manually, as attackers took advantage of people's willingness to trust content shared by their friends".
Ransomware remains lucrative too, rising 113 percent last year. More worrying still, rather than the traditional ransomware approach of pretending to be a law enforcement agency levying a fine for stolen content, Symantec has noted a rise in crypto-ransomware, which holds a victim's files, photos and other digital content hostage without masking the attacker's intention. There were 45 times more victims of crypto-ransomware attacks than in 2013.
The full report is available as a PDF from the Symantec website, or you can sign up to hear Haley discuss the findings in a webcast taking place at 10am Pacific Time tomorrow (April 15).