Symantec’s 2017 Internet Security Threat Report reads more like a catalog of horrors for CIS and their staffs, with cyber spies and criminals running amuck everywhere.
Symantec study found that cyber attackers are moving away from customized malware and relying more on legitimate software tools—like email–to compromise targeted networks. Symantec reports that one in 131 emails contained malware, the highest rate in five years. And Business Email Compromise (BEC) scams, relying on spear-phishing emails, targeted over 400 businesses every day, draining $3 billion over the last three years.
Diginomica readers will recall that it was a simple spear-fishing email—a spoofed email instructing Hillary Clinton’s campaign manager John Podesta to reset his Gmail password–that got Russian hackers into the Democratic National Committee’s database, allowing them to release reams of information damaging to the Clinton campaign. Said Symantec:
Attackers are increasingly attempting to hide in plain sight. They rely on straightforward approaches, such as spear-phishing emails and “living off the land” by using whatever tools are on hand, such as legitimate network administration software and operating system features.