Feature Articles

Symantec ISTR 2017: Cybercrime performance review

By Lionell Go Macahilig - 4 May 2017

Symantec ISTR 2017: Cybercrime performance review

symantec, istr, cybercrime, cyber attacks, cybercriminals, north korea, bangladesh, malicious emails, phishing, ransomware, cloud, cloud computing, internet security, threats

The year that was

Multimillion dollar bank heists, politically-motivated cyber attacks, and the rise of ransomware were among the main elements that underscored the recent 2017 Internet Security Threat Report (ISTR) released by the software security firm Symantec.

“New sophistication and innovation are the nature of the threat landscape, but this year Symantec has identified seismic shifts in motivation and focus,” said Peter Sparkes, Senior Director, Cyber Security Services, Asia Pacific & Japan, Symantec. “The world saw specific nation states double down on political manipulation and straight sabotage. Meanwhile, cyber criminals caused unprecedented levels of disruption by focusing their exploits on relatively simple IT tools and cloud services.”

symantec, istr, cybercrime, cyber attacks, cybercriminals, north korea, bangladesh, malicious emails, phishing, ransomware, cloud, cloud computing, internet security, threats

Politically-motivated cyber attacks

ISTR cited the growing trend where cybercriminals, with support from some state-sponsored groups, are now trying to gain political influence by implementing campaigns that are designed to destabilize and disrupt organizations and governments in various countries. Cybercriminals are also working on launching virtual attacks on banks in order to fund these campaigns. Interestingly, ISTR pointed out for the first time that nation states are starting to become involved in these attacks. Symantec revealed proofs linking North Korea to the bank attacks in countries like Bangladesh, Ecuador, Poland, and Vietnam.

Email still a top choice among cybercriminals

Email as a vehicle of choice remains the most popular among cybercriminals in transmitting threats to target users. ISTR pointed out that one in 131 emails contained a malicious link or attachment, the highest rate in five years. Spear-phishing emails scammed more than USD 3-billion from businesses over the last three years, targeting 400 businesses every day.

symantec, istr, cybercrime, cyber attacks, cybercriminals, north korea, bangladesh, malicious emails, phishing, ransomware, cloud, cloud computing, internet security, threats

Ransomware on the rise

ISTR also revealed that more than 100 new malware families were released into the wild, resulting in a 36% increase in ransomware attacks worldwide. The United States remains the top country targeted by ransomware attacks, in which 64% of its ransomware victims are willing to pay ransom, compared to 34% globally. Cybercriminals who are using ransomware are now demanding an average of USD 1,077 per victim, much higher than USD 294 in the previous year.  

Cybercriminals are also on the cloud

With more and more companies hopping on the cloud bandwagon, cybercriminals are also switching to the cloud to find new victims. ISTR reported that in 2016, tens of thousands of cloud databases from a single provider were hijacked and held for ransom after users left outdated databases open on the Internet without authentication being enabled. Smart devices that are brought by the employees to the workplace are introducing cloud apps to the network, which can be used by the cybercriminals as an avenue to enter the system.  

To view the details of Symantec’s ISTR, visit the following link.