Symantec: 2013 Was 'Year of Mega Breach'
Symantec reported that over 552 million identities were exposed in 2013 as a result of data security breaches. Those numbers and more were revealed in the security giant's "Internet Security Threat Report (ISTR) 2014, Volume 19," released this week. Here's a closer look at ISTR.
Symantec (SYMC), a provider of cloud, endpoint, mobile and virtual security solutions, called 2013 “the Year of the Mega Breach” in its “Internet Security Threat Report (ISTR) 2014, Volume 19.” Symantec found that there was a 62 percent increase from 2012 to 2013 in the number of data breaches, resulting in more than 552 million identities exposed.
ISTR revealed that there were eight mega breaches last year. In addition, targeted attacks were up 91 percent and lasted an average of three times longer compared to 2012.
Why are more cybercriminals using bigger, longer attacks? Here’s what two Symantec officials had to say about the report’s findings.
“One mega breach can be worth 50 smaller attacks,” Kevin Haley, Director of Symantec Security Response, said in a statement. “While the level of sophistication continues to grow among attackers, what was surprising last year was their willingness to be a lot more patient – waiting to strike until the reward is bigger and better.”
“You’re wearing down a company with [fewer] resources, who can’t batten down the hatch and ride out the storm. Frankly, there’s more to steal from [SMBs] than consumers, and they’re a lot less secure than a lot of large enterprises,” Brian Burch, Symantec’s Vice President of Global Consumer and Small Business Segment Marketing, told Fox Business.
Symantec also found that the size and scope of breaches are expanding. Researchers noted that each of the eight top data breaches in 2013 resulted in the loss of tens of millions of data records.
“Nothing breeds success like success – especially if you’re a cybercriminal,” Haley said, in a statement. “The potential for huge paydays means large-scale attacks are here to stay. Companies of all sizes need to re-examine, re-think and possibly re-architect their security posture.”
Here’s a look at some of the highlights from ISTR:
23 zero-day vulnerabilities were discovered.
38 percent of mobile users have experienced mobile cybercrime in the past 12 months.
Spam volume dropped to 66 percent of all email traffic.
1 in 392 emails contained phishing attacks.
Web-based attacks rose 23 percent.
1 in 8 legitimate websites have a critical vulnerability.
ISTR features a summary and analysis of the year in global threat activity. The full report is available for download here, and Symantec is providing protection tips for businesses and consumers as well.
About the Author
You May Also Like