Symantec to CISOs: Watch for the 'mega-breach'

Company releases 2013 Internet Security Threat Report, warning organizations that phishing and watering hole attacks can bury them

Symantec has declared 2013 the year of the "mega-breach," placing security pros on notice that they stand to lose big from phishing, spear-phishing and watering-hole attacks.

The company released Tuesday its Internet Security Threat Report for 2013, which found that eight breaches exposed the personal information of more than 10 million identities each. By comparison, 2012 had only one breach that size and in 2011 there were five.

The number of massive data breaches in 2013 made it the "year of the mega-breach," Symantec said. Information stolen included credit card information, government ID numbers, medical records, passwords and other personal data.

Adding to last year's notoriety was the fact that the number of data breaches rose 62 percent from 2012. That amounted to 552 million identities exposed, an increase of 368 percent.

The increasing threat of having computer systems compromised has drawn attention within an organization to the chief information security officer (CISO) and the security team, Edward Ferrara, analyst for Forrester research said. He has advised CISOs to see this as a "big opportunity" to raise their profiles to the level of other high-level executives.

However, the higher exposure will carry huge risks.

"Security incidents, managed well, can actually enhance customer perceptions of a company; managed poorly, they can be devastating," Ferrara wrote in a recent blog post. "If customers lose trust in a company because of the way the business handles personal data and privacy, they will easily take their business elsewhere."

Symantec found that targeted attacks continued to increase, while watering-hole attacks also rose in popularity, a trend that started in 2012. A watering-hole attack is when malware is embedded inside a Web page and downloaded when the victim visits the site.

Spear phishing remained a favorite among hackers, with the number of campaigns soaring by 91 percent, the report found. The campaigns also ran three times longer last year than in 2012.

At the same time, attackers used fewer email in targeting fewer companies, an indication that cybercriminals were taking a "low and slow" approach, Symantec said.

Organizations found most at risk of cyberattacks were governments and mining and manufacturing companies. Their odds of being attacked were 1 in 2.7, 1 in 3.1 and 1 in 3.2, respectively.

Mining and manufacturing companies are typically at a disadvantage in defending against attacks, because they often lack an "IT savvy workforce and appropriate budgets to fund cybersecurity efforts," Rohyt Belani, chief executive of security firm PhishMe, said.

"Traditionally, manufacturing and mining companies have not had to worry about information security threats as much as say, financial services, as the primary adversaries were cybercriminals," Belani said. "However, with the rise of the nation-state actors these industries are under constant attack as the proverbial pot of gold of proprietary information and intellectual property is very lucrative."

Along with honing their campaigns, attackers used exploits against more zero-day vulnerabilities than ever before. The 23 zero-day vulnerabilities discovered by Symantec represented a 61 percent increase over 2012 and were more than the previous two years combined.

Join the CSO newsletter!

Error: Please check your email address.

Tags applicationssymantecspear-phishingsoftwaremega breachphishingdata protectionwatering hole attacksInternet Security Threat Report 2013

More about Symantec

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Antone Gonsalves

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place