Zero Day Exploits Escalates by 125%: A Symantec Report

The report shows that there has been an organizational shift by cybercriminals, as they are now adopting corporate best practices and establishing professional businesses to increase the efficiency of their attacks against enterprises and consumers

Apac CIOOutlook | Monday, April 18, 2016

Stay ahead of the industry with exclusive feature stories on the top companies, expert insights and the latest news delivered straight to your inbox. Subscribe today.

MOUNTAIN VIEW, CA: Symantec’s Internet Security Threat Report (ISTR), volume 21 reports show that zero-day vulnerabilities have doubled by 125 percent in the year 2015. The zero-day vulnerabilities discovered in 2015, increased to 54 cases indicating the critical role it plays in lucrative targeted cyberattacks.

The report shows that there has been an organizational shift by cybercriminals, as they are now adopting corporate best practices and establishing professional businesses to increase the efficiency of their attacks against enterprises and consumers. This new class of professional cybercriminals includes the entire community of attackers and poses an increasing threat to consumers and enterprises.

These advanced professional groups of cybercriminals leverage zero-day vulnerabilities to their own benefits or sell them to a lower category of criminals in the open market, who then commoditize it. The report also states that 430 million new malware variants surfaced in 2015.

The report highlights that more that more than half a billion records were stolen or lost in 2015 and predictsthat enterprises will be targeted at an average of more than three times this year. 191 million records were compromised in a single incident in 2015, making it the largest data breach ever. There were also 9 mega-breaches reported last year. The number of companies that chose not to report the amount of records lost increased by 85 percent, while 429 million identities were exposed.

It was also found in the report that the nature of ransomware attacks advanced in 2015. Crypto-ransomware attacks grew by 35 percent. Crypto-ransomware attacks are cyberattacks that encrypts all of a victim’s digital content and holds it hostage until a ransom is paid. Ransomware has spread from PCs, smartphones, Mac and Linux systems and other platforms this year, as attackers are seeking network-connected devices that they can hold as hostage for ransom. This shows that a significant threat is posed to the enterprise.

Symantec saw the resurgence of many scams in 2015 as cybercriminals resorted to revisit fake technical support scams, resulting in a 200 percent increase. The difference now is that attackers are driving smartphone users via messages to call attacker-run call centers and then dupe them into buying fraud services.

“Advanced criminal attack groups now echo the skill sets of nation-state attackers. They have extensive resources and a highly-skilled technical staff that operate with such efficiency that they maintain normal business hours and even take the weekends and holidays off,” says Kevin Haley, director, Symantec Security Response. “We are even seeing low-level criminal attackers create call center operations to increase the impact of their scams. The increasing number of companies choosing to hold back critical details after a breach is a disturbing trend. Transparency is critical to security. By hiding the full impact of an attack, it becomes more difficult to assess the risk and improve your security posture to prevent future attacks,” added Haley.