Comparison on Information Security threat Report (volume 21 -22): [Essay Example], 2410 words GradesFixer
This essay has been submitted by a student. This is not an example of the work written by professional essay writers.

Comparison on Information Security Threat Report (volume 21 -22)

downloadDownload printPrint

Pssst… we can write an original essay just for you.

Any subject. Any type of essay.

We’ll even meet a 3-hour deadline.

Get your price

121 writers online

Download PDF

Comparison on Information Security Threat Report (Volume 21 -22)

The latest Internet Security Threat Report (ISTR), Volume 21 (April 2016), reveals an organizational shift by cybercriminals: They are adopting corporate best practices and establishing professional businesses in order to increase the efficiency of their attacks against enterprises and consumers. This new class of professional cybercriminal spans the entire ecosystem of attackers, extending the reach of enterprise and consumer threats and fueling the growth of online crime. Advanced professional attack groups are the first to leverage zero-day vulnerabilities, using them for their own advantage or selling them to lower-level criminals on the open market where they are quickly commoditized. In 2015, the number of zero-day vulnerabilities discovered more than doubled to a record-breaking 54, a 125 percent increase from the year before, reaffirming the critical role they play in lucrative targeted attacks. Meanwhile, malware increased at a staggering rate with 430 million new malware variants discovered in 2015. The sheer volume of malware proves that professional cybercriminals are leveraging their vast resources in attempt to overwhelm defenses and enter corporate networks.

Pssst... we can write an original essay just for you

Any subject. Any type of essay.

We’ll even meet a 3-hour deadline.

121 writers online

Over Half a Billion Personal Information Records Stolen or Lost in 2015 Data breaches continue to impact the enterprise. In fact, large businesses that are targeted for attack will on average be targeted three more times within the year. Additionally, we saw the largest data breach ever publicly reported last year with 191 million records compromised in a single incident. There were also a record-setting total of nine reported mega-breaches. While 429 million identities were exposed, the number of companies that chose not to report the number of records lost jumped by 85 percent. A conservative estimate by Symantec of those unreported breaches pushes the real number of records lost to more than half a billion. Encryption Now Used as a Cybercriminal Weapon to Hold Companies’ and Individuals’ Critical Data Hostage Ransomware also continued to evolve in 2015, with the more damaging style of crypto-ransomware attacks growing by 35 percent. This more aggressive crypto-ransomware attack encrypts all of a victim’s digital content and holds it hostage until a ransom is paid. This year, ransomware spread beyond PCs to smartphones, Mac and Linux systems, with attackers increasingly seeking any network-connected device that could be held hostage for profit, indicating that the enterprise is the next target. Malaysia ranks 47th globally, and 12th regionally, in terms of ransomware attacks, with 5069 of attacks in 2015 averaging to 14 attacks per day.

Don’t Call Us, We’ll Call You: Cyber Scammers Now Make You Call Them to Hand Over Your Cash

As people conduct more of their lives online, attackers are increasingly focused on using the intersection of the physical and digital world to their advantage. In 2015, Symantec saw a resurgence of many tried-and-true scams. Cybercriminals revisited fake technical support scams, which saw a 200 percent increase last year. The difference now is that scammers send fake warning messages to devices like smartphones, driving users to attacker-run call centers in order to dupe them into buying useless services. Over Half a Billion Personal Records Were Stolen or Lost in 2015 More companies than ever are not reporting the full extent of their data breaches At the close of 2015, the world experienced the largest data breach ever publicly reported. An astounding 191 million records were exposed. It may have been the largest megabreach, but it wasn’t alone. In 2015, a record-setting total of nine mega-breaches were reported. (A mega-breach is defined as a breach of more than 10 million records.) The total reported number of exposed identities jumped 23 percent to 429 million. But this number hides a bigger story.

Need help with writing?

You can order professional work according to specific instructions and 100% plagiarism free.

In 2015, more and more companies chose not to reveal the full extent of the breaches they experienced. Companies choosing not to report the number of records lost increased by 85 percent. A conservative estimate by Symantec of those unreported breaches pushes the real number of records lost to more than half a billion. The fact that companies are increasingly choosing to hold back critical details after a breach is a disturbing trend. Transparency is critical to security. While numerous data sharing initiatives are underway in the security industry, helping all of us improve our security products and postures, some of this data is getting harder to collect. Major Security Vulnerabilities in Three Quarters of Popular Websites Put Us All at Risk Web administrators still struggle to stay current on patches There were over one million web attacks against people each and every day in 2015.

Many people believe that keeping to well-known, legitimate websites will keep them safe from online crime. This is not true. Cybercriminals continue to take advantage of vulnerabilities in legitimate websites to infect users, because website administrators fail to secure their websites. More than 75 percent of all legitimate websites have unpatched vulnerabilities. Fifteen percent of legitimate websites have vulnerabilities deemed ‘critical,’ which means it takes trivial effort for cybercriminals to gain access and manipulate these sites for their own purposes. It’s time for website administrators to step up and address the risks more aggressively. Ransomware Increased 35 Percent in 2015 Cyber criminals are using encryption as a weapon to hold companies’ and individuals’ critical data hostage Ransomware continues to evolve. Last year, we saw Crypto-ransomware (encrypting files) push the less damaging locker-style ransomware (locking the computer screen) out of the picture. Crypto-style ransomware grew 35 percent in 2015. An extremely profitable type of attack, ransomware will continue to ensnare PC users and expand to any network-connected device that can be held hostage for a profit. In 2015, ransomware found new targets and moved beyond its focus on PCs to smart phones, Mac, and Linux systems. Symantec even demonstrated proof-of-concept attacks against smart watches and televisions in 2015.

In 2016 the number of attacks are increased. Cyber attackers revealed new levels of ambition in 2016, a year marked by extraordinary attacks, including multi-million dollar virtual bank heists, overt attempts to disrupt the US electoral process by state-sponsored groups, and some of the biggest distributed denial of service (DDoS) attacks on record powered by a botnet of Internet of Things (IoT) devices. While cyber attacks managed to cause unprecedented levels of disruption, attackers frequently used very simple tools and tactics to make a big impact. Zero-day vulnerabilities and sophisticated malware now tend to be used sparingly and attackers are increasingly attempting to hide in plain sight. They rely on straightforward approaches, such as spear-phishing emails and “living off the land” by using whatever tools are on hand, such as legitimate network administration software and operating system features. Mirai, the botnet behind a wave of major DDoS attacks, was primarily composed of infected routers and security cameras, low-powered and poorly secured devices. In the wrong hands, even relatively benign devices and software can be used to devastating effect.

Targeted attacks: Subversion and sabotage come to the fore

The world of cyber espionage experienced a notable shift towards more overt activity, designed to destabilize and disrupt targeted organizations and countries. Cyber attacks against the US Democratic Party and the subsequent leak of stolen information were one of the major talking points of the US presidential election. With the US Intelligence Community attributing the attacks to Russia and concluding the campaign would have been judged a success, it is likely these tactics will be reused in efforts to influence politics and sow discord in other countries. Cyber attacks involving sabotage have traditionally been quite rare, but 2016 saw two separate waves of attacks involving destructive malware. Disk-wiping malware was used against targets in Ukraine in January and again in December, attacks which also resulted in power outages. Meanwhile the disk-wiping Trojan Shamoon reappeared after a four-year absence and was used against multiple organizations in Saudi Arabia. The upsurge in disruptive attacks coincided with a decline in some covert activity, specifically economic espionage, the theft of intellectual property, and trade secrets. Following a 2015 agreement between the US and China, which saw both countries promise not to conduct economic espionage in cyber space, detections of malware linked to suspected Chinese espionage groups dropped considerably. However, this does not mean economic espionage has disappeared entirely and comes at a time when other forms of targeted attack, such as subversion or high-level financial attacks, have increased.

Financial heists: Cyber attackers chase the big scores

Until recently, cyber criminals mainly focused on bank customers, raiding accounts or stealing credit cards. However, a new breed of attacker has bigger ambitions and is targeting the banks themselves, sometimes attempting to steal millions of dollars in a single attack. Gangs such as Carbanak have led the way, demonstrating the potential of this approach by pulling off a string of attacks against US banks. During 2016, two other outfits upped the ante by launching even more ambitious attacks. The Banswift group managed to steal US$81 million from Bangladesh’s central bank by exploiting weaknesses in the bank’s security to infiltrate its network and steal its SWIFT credentials, allowing them to make the fraudulent transactions.

Another group, known as Odinaff, was also found to be mounting sophisticated attacks against banks and other financial institutions. It too appeared to be using malware to hide customers’ own records of SWIFT messages relating to fraudulent transactions carried out by the group. While Banswift and Odinaff demonstrated some technical expertise and employed tactics associated with advanced groups, much less sophisticated groups also stole massive sums of money. Business email compromise (BEC) scams, which rely on little more than carefully composed spear-phishing emails, continue to cause major losses; more than $3 billion has been stolen in the past three years.

Living off the land. Attackers ranging from cyber criminals to state-sponsored groups have begun to change their tactics, making more use of operating system features, off-the-shelf tools, and cloud services to compromise their victims. The most high-profile case of a living off the land attack took place during the US elections. A simple spear-phishing email provided access to Hillary Clinton’s campaign chairman John Podesta’s Gmail account without the use of any malware or vulnerabilities. “Living off the land”—making use of the resources at hand rather than malware and exploits—provides many advantages to attackers. Identifying and exploiting zero days has become harder as improvements in secure development and bounty programs take hold. Web attack toolkits have fallen out of favor, likely due to the effort required in maintaining fresh exploits and a backend infrastructure. Powerful scripting tools, such as PowerShell and macros, are default features of Windows and Microsoft Office that can facilitate remote access and malware downloads without the use of vulnerabilities or malicious tools. Despite existing for almost 20 years, Office macros have reemerged on the threat landscape as attackers use social engineering techniques to easily defeat security measures that were put in place to tackle the erstwhile problem of macro viruses.

When executed well, living off the land approaches can result in almost symptomless infections, allowing attackers to hide in plain sight. Resurgence of email as favored attack channel Malicious emails were the weapon of choice for a wide range of cyber attacks during 2016, used by everyone from state- sponsored cyber espionage groups to mass-mailing ransomware gangs. One in 131 emails sent were malicious, the highest rate in five years. Email’s renewed popularity has been driven by several factors. It is a proven attack channel. It doesn’t rely on vulnerabilities, but instead uses simple deception to lure victims into opening attachments, following links, or disclosing their credentials.

Spear-phishing emails, such as spoofed emails instructing targets to reset their Gmail password, were used in the US election attacks. Ransomware squeezing victims with escalating demands Ransomware continues to plague businesses and consumers, with indiscriminate campaigns pushing out massive volumes of malicious emails. In some cases, organizations can be overwhelmed by the sheer volume of ransomware-laden emails they receive. Attackers are demanding more and more from victims with the average ransom demand in 2016 rising to $1,077, up from $294 a year earlier. Attackers have honed a business model that usually involves malware hidden in innocuous emails, unbreakable encryption, and anonymous ransom payment involving cryptocurrencies. The success of this business model has seen a growing number of attackers jump on the bandwagon. The number of new ransomware families uncovered during 2016 more than tripled to 98 and Symantec logged a 36 percent increase in ransomware infections.

New frontiers: IoT and cloud move into the spotlight

While ransomware and financial fraud groups continue to pose the biggest threat to end users, other threats are beginning to emerge. It was only a matter of time before attacks on IoT devices began to gain momentum, and 2016 saw the first major incident with the emergence of Mirai, a botnet composed of IoT devices such as routers and security cameras. Weak security made these devices easy pickings for attackers, who constructed a botnet big enough to carry out the largest DDoS attack ever seen. Symantec witnessed a twofold increase in attempted attacks against IoT devices over the course of 2016 and, at times of peak activity, the average IoT device was attacked once every two minutes.

Several of Mirai’s targets were cloud-related services, such as DNS provider Dyn. This, coupled with the hacking of millions of MongoDB databases hosted in the cloud, shows how cloud attacks have become a reality and are likely to increase in 2017. A growing reliance on cloud services should be an area of concern for enterprises as they present a security blind spot. Symantec found that the average organization was using 928 cloud apps, up from 841 earlier in the year. However, most CIOs think their organizations only use around 30 or 40 cloud apps, meaning the level of risk could be underestimated, leaving them open to attack from newly emergent threats.

The targeted attack landscape in 2016

2016 was an exceptionally active year for targeted attack groups, with notable incidents occurring in Europe, the US, Asia, and the Middle East. As the year progressed, the level of high-profile activity appeared to escalate, with politically subversive incidents directed at the United States and destruc-tive malware targeting Saudi Arabia and Ukraine. A wide range of targeted attack groups is in operation today. While the global powers all have a long-standing ability to conduct a variety of cyber operations, regional powers have also moved into cyber space with their own cyber espionage operations directed at rival countries and internal opposition groups. The Notable targeted attack groups graphic lists 10 of the most significant groups that were active in 2016 and that have been publicly connected to nation states.

infoRemember: This is just a sample from a fellow student.

Your time is important. Let us write you an essay from scratch

100% plagiarism-free

Sources and citations are provided

Find Free Essays

We provide you with original essay samples, perfect formatting and styling

Cite this Essay

To export a reference to this article please select a referencing style below:

Comparison on Information Security threat Report (volume 21 -22). (2018, September 14). GradesFixer. Retrieved April 19, 2021, from
“Comparison on Information Security threat Report (volume 21 -22).” GradesFixer, 14 Sept. 2018,
Comparison on Information Security threat Report (volume 21 -22). [online]. Available at: <> [Accessed 19 Apr. 2021].
Comparison on Information Security threat Report (volume 21 -22) [Internet]. GradesFixer. 2018 Sept 14 [cited 2021 Apr 19]. Available from:
copy to clipboard

Sorry, copying is not allowed on our website. If you’d like this or any other sample, we’ll happily email it to you.

    By clicking “Send”, you agree to our Terms of service and Privacy statement. We will occasionally send you account related emails.


    Attention! this essay is not unique. You can get 100% plagiarism FREE essay in 30sec

    Recieve 100% plagiarism-Free paper just for 4.99$ on email
    get unique paper
    *Public papers are open and may contain not unique content
    download public sample

    Sorry, we cannot unicalize this essay. You can order Unique paper and our professionals Rewrite it for you



    Your essay sample has been sent.

    Want us to write one just for you? We can custom edit this essay into an original, 100% plagiarism free essay.

    thanks-icon Order now

    Hi there!

    Are you interested in getting a customized paper?

    Check it out!
    Having trouble finding the perfect essay? We’ve got you covered. Hire a writer uses cookies. By continuing we’ll assume you board with our cookie policy.


    Haven't found the right essay?

    Get an expert to write you the one you need!


    Professional writers and researchers


    Sources and citation are provided


    3 hour delivery