Cybercrime Increases As Crooks Get AI Smarter

Symantec's 2016 Internet Security Threat Report (ISTR) reveals that the year 2015 saw an increase in hacking numbers and smarter attacks.

The report concludes that, each week, a new zero-day vulnerability was discovered; stolen or lost records were estimated to be around half a billion; about three-quarters of websites were found to have vulnerabilities; employees targeted by spear-phishing campaigns saw a 55 percent increase in occurrence; ransomware attacks increased to 35 percent; and the number of fake technical support scams prevented reached about 100 million instances.

And these are just the recorded facts.

Hackers are getting so much craftier and smarter that victims don't even realize that they're under attack. Attacks have become more, subtle and even stealthier. Users are lucky if they catch the attack, but those unaware of threats often suffer major damages in properties.

In 2015, a new zero-day vulnerability was discovered each week, totaling 54 vulnerabilities, more than double the number back in 2014. These attacks are possible because of vulnerabilities found in programs that hackers exploit even before developers can come up with a patch.

The Case of Adobe

Four out of the five most exploited apps were on Flash Player. Adobe comments in an interview that, to avoid such attacks, users should always update their system to the latest patch.

The company believes that, since Flash Player is installed in every system, it's the target of most zero-day vulnerability attacks. Adobe assures users that, once an attack is detected, the company is quick to respond and rolls out a patch in a matter of days. It's now up to the user to make sure that they protect themselves.

Symantec found that breached companies would sometimes withhold information and not release the full report of attacks on their system. As such, not only were there 429 million records hackers mined from vulnerable companies, but more than half a billion could have been compromised, as estimated in the ISTR.

Staying Alert Against Recurring Attacks

Three-quarters of websites were found to be vulnerable to attacks as well. To this day, 75 percent of legitimate web companies have vulnerabilities in their system, putting online users at risk. Hackers can infect a trusted website which, when logged into, would spread the infection to unsuspecting users.

Symantec's ISTR detailed how "web administrators struggle to stay current on patches," allowing millions of attacks against Netizens every day. Experts warn that, if a first attack is prevented, companies should still stay alert for recurring attacks in the future. The ISTR found that most hackers who are fixated on hacking a particular system will not easily give up and will retry at a later date.

Forms of Cyber Attack

Particular strands of these attacks used ransomware to extort money from companies. Ransomware is a malware infection that encrypts a system's date then demands ransom from affected parties to supposedly "decrypt" the files.

Hackers would also reportedly disguise themselves as tech support specialists who help clean out a system for malware infection. In reality, however, these supposed experts would be disabling virus protection, updates, and notifications, thereby increasing vulnerabilities in a system. Symantec blocked 100 million of these attacks in 2015.

Symantec predict that, in the year 2020, the risk of attacks could grow to 20.8 billion against "internet-connected" things.

TechTimes: http://bit.ly/1pp9Ko1

« On the Brink of Cyber War…
How To Deal With The Rising Tide Of Ransomware »

Perimeter 81

Directory of Suppliers

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 5,000+ specialist service providers.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

SCdocumentation

SCdocumentation

SCdocumentation specialises in the provision of documentation services for areas including ISO 27001 information security compliance.

Experian

Experian

Experian provide software solutions to help organizations prevent identity fraud and crime.

Auth0

Auth0

Auth0 is a cloud service that provides a set of unified APIs and tools that instantly enables single sign-on and user management for any application, API or IoT device.

Eseye

Eseye

Eseye is a global specialist supplier of cellular internet connectivity for intelligent IoT (Internet of Things) devices.

Trinity Cyber

Trinity Cyber

Trinity Cyber’s patent-pending technology stops attacks before they reach internal networks,reducing risk and increasing cost to adversaries.

YesWeHack

YesWeHack

YesWeHack offers companies an innovative approach to cybersecurity with Bug Bounty (pay-per-vulnerability discovered) to identify and report vulnerabilities in their systems.

Axxum Technologies

Axxum Technologies

Axxum Technologies is a premier provider of Network Communications and Information Technology Security Solutions.

Sharktech

Sharktech

Sharktech designs, develops, and supports advanced DDoS protection and web technologies.