There was a 40% increase in the number cyber-attacks carried out on large companies in 2014, as criminals hijack infrastructures and attack from within, according to IT security firm Symantec.
Symantec’s Internet security threat report found that the time taken for software suppliers to roll out security patches took an average of 59 days – compared to only 4 days in 2013. This allowed cyber criminals to carry out their attacks while companies were more vulnerable.
The report also revealed cyber criminals “are infiltrating networks and evading detection by hijacking the infrastructure of major corporations and using it against them”.
Symantec security response director Kevin Haley said attackers aren't having to break in to a company's network as access is readily available.
Another finding in the report highlighted an 8% increase in the number of targeted spear-phishing attacks in 2014 compared with 2013. It said these attacks used 20% fewer emails to successfully reach their targets.
Symantec also revealed that attackers were using stolen email accounts from one corporate victim to spear-phish other victims.
The report said hackers experiment with new attack methods across mobile devices and social networks to reach more people, with less effort.
“Cyber criminals are inherently lazy; they prefer automated tools and the help of unwitting consumers to do their dirty work,” said Haley. “Last year , 70% of social media scams were shared manually, as attackers took advantage of people’s willingness to trust content shared by their friends.”
To avoid such attacks, please refer to the below article that provides some useful tips to combat hackers.