Watching your back online for cyber-criminals tracking your movements might be a smart move, as targeted attacks on online privacy shot up by 42 per cent this year, according to a new study from Symantec Corp.
Drafted using data from about 69 million attack sensors in more than 157 countries, Symantec’s report outlined threats to online security in 2012 by tracking vulnerability databases, spam, phishing, and malware.
The report indicated 50 per cent of mobile malware created in 2012 was designed to steal information or track mobile users’ movements. Cyber-criminals typically try to learn Internet users’ banking information, phone numbers and emails of users’ contacts, and research websites that users frequently visit. At some point, cyber-criminals may even try to commit identity theft.
Some of the malware also pulls data from our devices, with some of them able to log keystrokes and take control of a computer’s camera, microphone and screen views. Symantec estimates that worldwide, the average number of targeted attacks is at 116 per day.
In 2012, the most sought-after targets tended to be knowledge workers and employees working in research and development. They came in at 27 per cent of targeted attacks, while people working in sales were at 24 per cent. Many of them were attacked by hackers using email attachments in messages that impersonated European Union officials, or that pretended to be from security agencies or government departments in the U.S.
Some hackers also compromised real Web sites by adding a line of code to a site found to be vulnerable, and then sending the user to a separate site that would infect his or her computer.
The industry most likely to be attacked in 2012 was manufacturing at 24 per cent, although the year before governments were the most common victim of targeted attacks. Symantec indicated that may be because hackers are increasingly going after SMBs rather than governments, and many SMBs operate in the manufacturing space.
SMBs figured highly on hackers’ hit list. Out of all targeted attacks, 31 per cent were aimed at SMBs with 250 employees or fewer. Yet in 2011, only 18 per cent of targeted attacks were directed towards SMBs.
To protect your SMB from falling prey to a hacker, Symantec has a few recommendations:
1. Even if you’re part of a small firm or company, that doesn’t mean hackers are not interested in using your business to attack others. A major part of defending your company involves going on the defensive and always preparing for a possible attack, Symantec said in its report.
2. Your SMB should use several overlapping and mutually supportive defensive systems, making sure there are no holes in protecting the network’s data. Some ideas include using regularly updated firewalls, gateway antivirus, intrusion detection, intrusion protection systems, and Web security gateway solutions.
3. Employees should be trained to recognize ways they might accidentally lose data, and should be taught methods of protecting it.
4. SMBs should install data loss protection software, and it should also encrypt all of its data.