Cyber Attacks Hit 5 of 6 Large Companies in 2014
Symantec’s latest Internet Security Threat Report illustrates just how vulnerable American companies were to cyber attacks last year. An estimated 5 of 6 large companies were targeted by attackers in 2014, an increase of 40% from a year ago. Large companies are defined as any firm with more than 2,500 employees.
Large businesses were not the only ones earmarked for attacks. 60% of all hacking efforts were targeted at small- and mid-sized businesses.
According to the report, there were 317 million new pieces of malware created in 2014, almost one million per day.
Phishing cybercriminals became more accurate with their attacks in 2014, sending out 14% fewer emails to 20% fewer targets last year. Criminals send an email which appears to be from a company or individual you know. This focused effort, known as spear phishing, increased by 8% in 2014.
Symantec’s report shows a severe lack of security and detection for these impeding cyber attacks. When hackers discover a security flaw that a manufacturer does not know exists, the hackers quickly exploit that flaw before a fix or patch is developed. This is called a “zero-day vulnerability”. There were more zero-day vulnerabilities in 2014 than in any previous year.
The report says, “In total, the top five zero days of 2014 were actively exploited by attackers for a combined 295 days before patches were available.”
The vulnerability of the credit card system in America is one of the reasons why the country is switching to EMV technology by the end of the year. The delayed detection and prevention of cyber attacks could put even more consumers and businesses at risk in 2015. The hackers are “leapfrogging defenses,” leaving businesses to pick up the pieces.