SECURITY
Cybercrime reaching epidemic proportions More than 430 million new unique pieces of malware were discovered by a single Internet security company in 2015 as cybercrime becomes part and parcel of daily life
T
his figure was up a massive 36 per cent from that of the year before, illustrating the rapid growth of cybercrime worldwide says leading Internet security company Symantec. Symantec has established one of the most comprehensive sources of Internet threat data in the world through the Symantec Global Intelligence Network, which comprises more than 63.8 million attack sensors that record thousands of events per second as it monitors threat activity in over 157 countries and territories. The company’s latest Internet Security Threat Report provides a frightening overview of the state of the Internet today, with constant attacks against businesses and nations leaving users numb to the sheer volume and acceleration of cyber threats. However, there are six key findings and trends from 2015 that demand the utmost vigilance from all Internet users this year, be they individuals or companies, Symantec warns. Zero hour A new zero-day vulnerability was discovered on average each week in 2015 as advanced attack groups continue to profit
from previously undiscovered flaws in browsers and website plugins. The number of zero-day vulnerabilities discovered in 2015 more than doubled to 54, a 125 per cent increase from the year before. The increase follows a disturbing pattern as the number of zero-day vulnerabilities (23) in 2013 also doubled from the year before. The number held relatively steady at 24, leading Symantec to conclude that a plateau had been reached. That theory was short-lived as the 2015 explosion in zero-day discoveries reaffirms the critical role they play in lucrative targeted attacks. Given the value of these vulnerabilities, it’s not surprising that a market has evolved to meet demand. In fact, at the rate that zero-day vulnerabilities are being discovered, they may become a commodity product, Symantec says. Targeted attack groups exploit the vulnerabilities until they are publicly exposed, then toss them aside for newly discovered vulnerabilities. When the Milan-based The Hacking Team information technology company that sells offensive intrusion and surveillance capabilities to gov-
ernments, law enforcement agencies and corporations was exposed in 2015 as having at least six zero-days in its portfolio, it confirmed suspicions that the hunt for zero days was being professionalised. Vulnerabilities can appear in almost any type of software, but the most attractive to targeted attackers is software that is widely used. Again and again, the majority of these vulnerabilities are discovered in software such as Internet Explorer and Adobe Flash, which are used on a daily basis by a vast number of consumers and professionals. Four of the five most exploited zero-day vulnerabilities in 2015 were Adobe Flash. Once discovered, the zero days are quickly added to cybercriminal toolkits and exploited. At this point, millions will be attacked and hundreds of thousands infected if a patch is not available, or if people have not moved quickly enough to apply the patch. Records stolen More than half a billion personal records were stolen or lost in 2015, with more companies than ever not reporting the full extent of their data breaches. In fact, the world experienced
the largest data breach ever publicly reported in 2015, the report notes. An astounding 191 million records were exposed. It may have been the largest mega-breach, but it wasn’t alone. In 2015, a record-setting total of nine mega-breaches were reported. (A mega-breach is defined as a breach of more than 10 million records.) The total reported number of exposed identities jumped 23 percent to 429 million. But this number hides a bigger story as more and more companies chose not to reveal the full extent of the breaches they experienced last year. Companies choosing not to report the number of records lost increased by 85 per cent. A conservative estimate by Symantec of those unreported breaches pushes the real number of records lost to more than half a billion. The fact that companies are increasingly choosing to hold back critical details after a breach is a disturbing trend. Transparency is critical to security. While numerous data sharing initiatives are underway in the security industry, helping improve security products and postures, some of this data is getting harder to collect.
Protecting IT infrastructure
T
he old advice holds good for any infrastructure services when it comes to protecting IT infrastructure in the face of these threats and many others like them. Safeguard everything IT-related, including file servers, web servers, and other Internet-connected devices: • stay informed about emerging threats • keep systems up to date with patches and updates • use integrated security soft-
ware, including anti-malware technology • use a strong firewall that only permits known traffic, and review access logs regularly to detect potentially suspicious activity • employ multi-layer protection, so if one layer is compromised there are other layers to protect different areas the system • apply good policies and train staff well • control access
20 – www.infrastructurebuild.com
• deploy network intrusion preaccordingly vention and detection and • enable event logging to keep monitor email services runtrack of who is accessing data ning on the server in the cloud • always keep backups off-site. • read the cloud providers’ Don’t be complacent about service-level agreements to cloud systems either: learn how data in the cloud is • safeguard all credentials used secured to access the cloud-based • include cloud IP addresses administration functions and in vulnerability management ensure access is controlled processes and perform audits on a need-to-know basis on any services that are pro• ensure that you understand vided through the cloud. the settings of your cloud resources and configure them August-October 2016