More businesses are falling prey to cyberattacks said Symantec at a briefing on their latest Internet Security Threat Report (ISTR) held on the sidelines of Interpol World 2015.
The company also announced that it has expanded its Incident Response Services into several new markets, a move that enables organizations to proactively address security needs, enable continual security improvement and overall cyber resiliency.
According to the ISTR, five out of six large companies were targeted in 2014, a 40 percent increase over the previous year. Alarmingly though, the report also noted that one in five did not report information on the data exposed (up from one in six).
“We are seeing a dramatic shift in the mode of attacks. Attackers have stepped up their game by tricking companies into infecting themselves through Trojanised software updates and gaining full access to corporate networks without the need to even make any forced entry,” said Peter Sparkes, Symantec’s senior director of Cyber Security Services, Asia Pacific and Japan.
The report revealed that unlike mass email or spam attacks of old, these new attacks used 20 percent fewer emails to successfully reach their targets and incorporated more drive-by malware downloads and other web-based exploits.
Attackers moving faster to exploit zero day vulnerabilities
Symantec research reveals that it took software companies an average of 59 days to create and roll out patches—up from only four days in 2013. Attackers took advantage of the delay and, in the case of Heartbleed, leapt to exploit the vulnerability within four hours.
Sparkes said that while protection still remained important in protecting a business so too was detection, response and recovery. “For example, “he said, “A company can have a stock comment from their CEO on hand to go out in case they get hacked so customers can be reassured action is being taken.”
Symantec recommends the following best practices for businesses to protect themselves:
Expansion of Incident Response Services into new markets
Symantec Corp. has expanded its Incident Response Services into several new markets, a move that enables organizations to proactively address security needs, enable continual security improvement and overall cyber resiliency. The Incident Response Emergency Response Service is now available in North America, the UK and select Asia-Pacific regions.
Given the sophisticated nature of the threat landscape, organizations need to change their security strategy. Symantec has launched two Incident Response Service offerings: Emergency Response Services and Retainer Services.
The Emergency Response Services help customers resolve incidents, return to normal operations and prevent incident recurrence while minimizing operational impact.
The Incident Response Retainer Services enables customers to steer away from a high-cost reactive approach toward a more proactive, programmatic one by assessing their current incident response programs, identifying gaps and putting protections in place to better mitigate security incidents. As a result, customers will improve response times, lower response costs, increase overall effectiveness, and support a cycle of continuous security and response improvements.
Sources by: Enterprise Innovation