April 15, 2016 By Larry Loeb 2 min read

Symantec’s new “2016 Internet Security Threat Report” summarized some troubling trends that affect the security of computer users on networks.

In the 80-page report, the firm discovered a total of more than 430 million unique pieces of malware in 2015, up 36 percent from 2014. A new zero-day vulnerability was discovered, on average, once each week in 2015. Symantec puts the cumulative number at 54, which is a 125 percent increase from the year before.

Zero-Day Vulnerabilities on the Rise

Attack groups exploit these zero-day vulnerabilities until they are publicly exposed, at which point they drop them in favor of other newly discovered vulnerabilities, according to Symantec. The report noted the hunt for zero-day exploits is being professionalized rather than executed by lone cybercriminals.

Symantec also found the most attractive target is widely used software such as Internet Explorer and Adobe Flash Player. In fact, the report said four of the five most exploited zero-day vulnerabilities in 2015 were in Flash.

Microsoft was also a popular target for malicious zero-day developers. The top 10 zero-day vulnerabilities found targeting MS software were distributed across Microsoft Windows (6), Internet Explorer (2) and Microsoft Office (2). Four other zero-day vulnerabilities focused on Android software.

Website Vulnerabilities

It’s not just zero-day attacks that cause problems. The threat report found that more than 75 percent of all legitimate websites have unpatched vulnerabilities that can be exploited.

More seriously, 15 percent of legitimate websites have critical vulnerabilities that allow cybercriminals to gain access to and manipulate these sites for their own purposes. Symantec attributed this to website administrators failing to secure their websites through the application of manufacturers’ patches.

Malware may also use site plugins as an infection vector. Windows obviously attracts many exploits because of its large user base, and the same applies to WordPress plugins. WordPress is estimated to power one-fourth of the world’s websites, and Symantec stated that “vulnerable plugins found on WordPress sites can and will be exploited.”

Nondisclosure by Victims

One trend causing worry among experts is companies choosing not to report the records they lost in a breach. This number rose by 85 percent, from 61 to 113.

“More and more companies aren’t actually revealing what was breached,” Kevin Haley, director of security response at Symantec, told CSO Online. “They will say attackers came and stole from us, but [are] not saying how many records were lost.”

Not all companies have to disclose all the details of every breach, he explained. The disclosure laws vary by location and industry.

Companies affected by a breach may worry that such acknowledgment will only inflame those whose records were breached, but disclosure is necessary to regain trust. There will never be effective security through obscurity. Only an open policy of dealing with all the effects of a breach can bring stability to a bad situation.

More from

Brands are changing cybersecurity strategies due to AI threats

3 min read -  Over the past 18 months, AI has changed how we do many things in our work and professional lives — from helping us write emails to affecting how we approach cybersecurity. A recent Voice of SecOps 2024 study found that AI was a huge reason for many shifts in cybersecurity over the past 12 months. Interestingly, AI was both the cause of new issues as well as quickly becoming a common solution for those very same challenges.The study was conducted…

39% of MSPs report major setbacks when adapting to advanced security technologies

4 min read - SOPHOS, a leading global provider of managed security solutions, has recently released its annual MSP Perspectives report for 2024. This most recent report provides insights from 350 different managed service providers (MSPs) across the United States, United Kingdom, Germany and Australia on modern cybersecurity tools solutions. It also documents newly discovered risks and challenges in the industry.Among the many findings of this most recent report, one of the most concerning trends is the difficulties MSPs face when adapting their service…

Hackers are increasingly targeting auto dealers

3 min read - Update as of July 11, 2024 In late June, more than 15,000 car dealerships across North America were affected by a cyberattack on CDK Global, which provides software to car dealers. After two cyberattacks over two days, CDK shut down all systems, which caused delays for car buyers and disruptions for the dealerships. Many dealerships went back to manual processes, including handwriting up orders, so that sales could continue at a slower pace. Car buyers who recently bought a car from…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today