Attackers seem hard to detect, as they are getting sheerer and smarter. Symantec observed in its report that attackers were seen more prompt in adoption of smart techniques against defensive techniques used in organizations in 2014. The 2013 year was of mega breaches while the 2014 year was high profile vulnerabilities. Attackers also take help of watering hole attacks, select the best method to infect legitimate websites, observe visitors, and target their selective companies for attack. The motivation behind such cyber attacks are money, political backup and risk & reward. We have tried to present two info-graphics on these issues.
- If we compare 2015 against the previous year, there is a hike of 23% in cyber attacks (from 253 to 312 attacks).
- Attackers use tools to steal users’ data like personal information, account information, credit and debit card data. The victims may be individuals, multinational companies, or a government.
- Attackers sell this stolen information in the black market at the price starting from $0.50 to $100. Such underground market is cloaked from innocent users and growing rapidly.
- Culprits use novice readily available code to expert malware codes and make attack successful.
- The ratio of insider theft in overall attack is 8% compared to 5% in 2013 while the ratio of accidentally exposed of records is reduced by 15% compared to a previous 2013 year.
- There are advanced attackers who target 5 out of 6 large organizations in 2014 that shows a 43% rise in large companies targeted attack.
- If we compare defense environment against evolving attack techniques, attackers are more advanced. Companies are still using old tactics to fight against the attackers.
- There are total 24 Zero-day vulnerabilities found in 2014, which is the highest record so far.
- There are 60% of all attacks have targeted small and medium businesses.
The first info-graphic states about the impact of advanced techniques of cyber attackers on small and medium-sized enterprises.
The second info-graphic shows the path of a cyber hacker (how they steal funds).
These findings from 2015 Internet Security Threat Report – by Symantec.