Five out of six large companies were targeted by cybercriminals in 2014, a 40 per cent increase over the year before
Nearly one million new malware threats were released online every day in 2014, with five out of six large companies globally targeted, according to a new report.
The latest Internet Security Threat Report from cyber security firm Symantec ranked the UK second globally for targeted attacks in 2014, and top in Europe.
Almost two thirds of all targeted attacks struck small and medium-size businesses (SMBs), putting not only them but their business partners and customers at higher risk.
Email remained one of the most popular methods of attack for cyber criminals, with many using stolen email accounts from one corporate victim to phish other victims higher up the food chain.
Overall, phishing attacks increased eight per cent in 2014. However, attackers became more efficient – sending 20 per cent fewer emails to successfully reach their targets.
Attackers also continue to experiment with new attack methods across mobile devices and social networks to reach more people with less effort, according to Symantec.
For example, 17 per cent of all Android apps (nearly one million in total) were actually malware in disguise, and grayware apps, which aren’t malicious by design but do annoying and inadvertently harmful things like track user behaviour, accounted for 36pc of all mobile apps.
Meanwhile, social media platforms became a hotbed of cyber criminal activity, with the number of social media scams using ransomware to hold a victim’s files, photos and other digital content hostage rising significantly in 2014.
“Cybercriminals are inherently lazy; they prefer automated tools and the help of unwitting consumers to do their dirty work,” said Kevin Haley, director, Symantec Security Response.
“Last year, 70 per cent of social media scams were shared manually, as attackers took advantage of people’s willingness to trust content shared by their friends.”
The news coincides with a report from (ISC)2, an association of 100,000 infosecurity workers across 135 countries, which highlights the massive shortage of cyber security workers in the UK.
This shortage is leaving critical national infrastructure vulnerable to a cyber attack. One in five UK public and private sector bodies are so severely understaffed that they would take over eight days to respond to a targeted cyber-attack.
Meanwhile, half of UK defence workers are not confident they would discover a security breach, and almost half of banks do not have adequate systems in place to prepare for a security incident.
(ISC)2 claims that, worldwide, there will be a shortage of 1.5 million cyber security workers by 2020.
This article was written by Sophie Curtis from The Daily Telegraph and was legally licensed through the NewsCred publisher network.