Symantec has published its Internet Security Threat Report (ISTR) for 2013. Volume 19 of the ISTR reveals that the number of mega data breaches has increased considerably compared to the previous year.
The figures show that the number of data breaches suffered by in 2013 increased by 62% compared to 2012. A total of 552 million identifies were exposed last year, compared to 93 million exposed in 2012.
As far as mega data breaches are concerned, a total of 8 were reported in 2013. That’s a lot if we consider that only one was reported in 2012.
“One mega breach can be worth 50 smaller attacks. While the level of sophistication continues to grow among attackers, what was surprising last year was their willingness to be a lot more patient – waiting to strike until the reward is bigger and better,” said Kevin Haley, director of Security Response.
“Nothing breeds like success – especially if you’re a cybercriminal,” Haley noted. “The potential for huge paydays means large-scale attacks are here to stay. Companies of all sizes need to re-examine, re-think and possibly re-architect their security posture.”
As far as targeted attacks are concerned, the report shows that their number increased by 91%. Each attack lasted, on average, three times longer than in the previous year. Individuals working in PR and personal assistants were the most attractive targets in such operations.
A total of 23 zero-days were uncovered last year and experts have found that one in eight websites contain critical vulnerabilities. Web-based attacks have reportedly increased by 23%.
“Security incidents, managed well, can actually enhance customer perceptions of a company; managed poorly, they can be devastating. If customers lose trust in a company because of the way the business handles and privacy, they will easily take their business elsewhere,” explained Ed Ferrara, VP and principal analyst at Forrester Research.
The complete Symantec Internet Security Threat Report (ISTR), Volume 19, is available for download on the company’s website. The report also contains recommendations on the steps that businesses and consumers can take to protect themselves against cyber threats.