69 pc of targeted cyber attacks in India on large companies: Symantec
Apr 24 2014 , New Delhi
There is a significant shift in cyber-criminal behaviour, with the bad guys plotting for months before pulling off huge heists instead of quicker hits with smaller rewards, Symantec India Technology Sales Director Tarun Kaura told PTI.
"They are focussing on large enterprises, with over 69 per cent of the targeted attacks in India carried out on them," he added.
Globally, targeted attacks were up 91 per cent in 2013 and lasted an average of three times longer compared to 2012.
The number of "mega breaches" is on the rise, according to Symantec's Internet Security Threat Report, Vol 19. Globally, there was a 62 per cent increase in the number of data breaches from the previous year, resulting in more than 552 million identities exposed.
Each of the eight top data breaches in 2013 resulted in the loss of tens of millions of data records. By comparison, 2012 had only a single data breach that reached the threshold.
"One mega breach can be worth 50 smaller attacks. While the level of sophistication continues to grow among attackers, what was surprising was their willingness to be a lot more patient -– waiting to strike until the reward is bigger and better," he said.
The size and scope of breaches is exploding, putting the trust and reputation of businesses at risk and increasingly compromising consumers' personal information from credit card numbers to passwords and bank account details, he added.
"The potential for huge paydays means large-scale attacks are here to stay. Companies of all sizes need to re-examine, re-think and possibly re-architect their security posture," Kaura said.
The report found that support functions with access to critical data emerged as the strongest target for attackers.
"Personal assistants and those working in public relations were the two most targeted professions as cyber criminals use them as a stepping stone toward higher-profile targets like celebrities or business executives," he said.