Cyber espionage is spreading rapidly
According to Symantec’s 18th Internet Security Report, the number of targeted attacks increased by 2012 percent in 42 compared to the previous year.
These are often aimed at stealing intellectual property and are not just a threat to large organizations. An important novelty is that governments are no longer the most frequently attacked, but at the same time manufacturing companies and SMEs with less than 250 employees are increasingly affected, which are the targets of 31 per cent of such attacks. In addition, company managers are no longer the primary targets, but employees involved in the production of intellectual property, such as engineers, experts, or employees of commercial departments.
"Our report states that cybercriminals have not lost their momentum this year either: they are constantly looking for new ways to steal information from organizations of various sizes," said Harold Teasdale, Symantec's country manager for Hungary and Slovenia. "Attacks are becoming more and more sophisticated, and the development of the IT sector gives birth to more and more complex innovations - this dual trend forces businesses to be proactive. Due to the explosion of information, virtualization, mobility, cloud-based technologies and the ever-wider use of IT in general, companies need to think deeply about security precautions in order to stay ahead of attackers in the future.”
Key findings of the 18th Internet Security Report
There is also less resistance through smaller companies
The number of attacks is growing the most among companies with less than 250 employees, which tripled to 2011 percent last year compared to the rate registered in 31. While SMEs perceive that they do not have to fear attacks, cybercriminals are very attracted to their banking information as well as their customer data and digitally stored intellectual property. Attackers mostly try small businesses that they expect do not have adequate security standards and infrastructure.
The number of web-based attacks increased by 30 percent compared to 2012. Most of them were implemented through the hacked websites of small businesses. These websites were used during major cyber attacks and so-called “watering hole” attacks after hacking and infection. The point of these is that an attacker would break into a website - which could be a blog or a small business site - that your real target is likely to visit often. When a victim visits a site after a hack, the malware installs itself on your computer unnoticed. The Elderwood Group is a “pioneer” in this type of attack: in 2012, 500 organisms were infected in a single day in this way. In these cases, the attacker exploits the low security level of one, typically smaller, company to harm another, stronger company.
The creators of malware are watching us
Before successful targeted attacks, malware authors observe their victims. First, they try to find out your e-mail address, the names of your friends, your interests - any information on the basis of which the person exploiting user habits, the so-called They can launch a "social engineering" attack. After that, once the program is installed on the victim's computer, they can steal their e-mail address, passwords and video and audio recordings. All of this can go unnoticed for months as the victim's online and offline activities are monitored. The most common victims of this type of attack are people in intellectual occupations, such as engineers, researchers and other experts who have access to information that constitutes intellectual property (27 percent), but those working in commercial departments can also become targets (24 percent). In 2012, manufacturing ranked first among the most attacked industries. According to Symantec, this is because attackers target suppliers and subcontractors because they are more vulnerable and often hold valuable intellectual property.
The number of mobile threats is not related to the vulnerabilities of the platforms
Last year, the number of malware designed for mobile devices increased by 58 percent. And mobile threats to steal personal information such as email addresses and phone numbers account for 32 percent of attacks. Surprisingly, the reasons for this are not necessarily to be found in the 30 percent increase in mobile vulnerability. While we know most of the documented vulnerabilities in iOS, only one threat was registered on this platform last year. In contrast, Android, which has fewer vulnerabilities, had more attacks than any other mobile operating system. Due to Android’s market share, open platform, and diversified distribution model, this interface is the most attractive target for attackers.
Zero-day vulnerability - at the discretion of attackers
The number of zero-day attacks increased last year, and Symantec is currently aware of fourteen. A cybercrime group called Elderwood is the most successful in this area, with only their name tied to the discovery and exploitation of four such vulnerabilities. The group is likely to have more of these in their bag, and they will be used for attacks until the bugs are identified and a fix is developed for them. And once that’s done, another will be brought out instead of the vulnerability that has been exploited so far.
Hungary is a botnet nest
Symantec also looked at the exposure of individual countries to attacks. Summarizing all types of attacks, Hungary ranks 23rd on the list worldwide, compared to 25 last year. Compared to 2011, in terms of most of the factors examined, our ranking got worse by a point or two, we were only behind the list in terms of phishing hosting: we were in 28th place last year, while we were in 30th place last year. In terms of the number of computers used in botnets, we are the eighth in the world: in Budapest, for example, Symantec registered 34421 bots, ahead of cities such as Shanghai (2561), New York (14449), or Moscow (10852).
If we examine the situation of our country only among the European countries, we will take the tenth place there based on the aggregation of the types of attacks. And in terms of our involvement in botnets, we are in third place.
The factors examined were: spam zombies, malicious code, phishing hosts, bots, the number of sources of the most common internet attacks. The industries most affected are the other categories, retail and wholesale, and IT services. In terms of the size of the companies, the companies employing 501-1000 people in Hungary are the most affected by the attacks.
