The war between legitimate data users and criminals interested in exploiting their data escalated again in 2011, as the number of malicious attacks on computer systems rose 81 percent from the previous year. That’s according to web security vendor Symantec, which just released an annual report on the subject.
The company, which said it blocked more than 5.5 million attacks over the year, attributes the increase to more sophisticated malware, new threats to mobile devices and thieves’ exploitation of social networks to reach new victims.
One of the most serious types of online criminality is targeted attacks intended to steal customer data or high-value secrets. While the term “corporate espionage” may conjure up images of huge, sophisticated technology enterprises, the report found that half of all targeted attacks were launched against companies with no more than 2,500 employees. A full 18 percent of the targets had 250 workers or fewer. Symantec said that may reflect attempts to reach high-value targets through their vendors or partners.
The industries most likely to be targeted for attacks were government, manufacturing and finance, and the specific people most likely to be hit were company executives.
Data breaches exposed more than 232.4 million identities during 2011. Health care companies accounted for by far the largest number of breaches, 43 percent of the total, but breaches in computer software and information technology tended to be much more significant, with those two industries accounting for 85 percent of exposed identities.
The growth of bring-your-own-device policies creates a huge new area of concern for companies, which are now more likely to be vulnerable to whatever malware employees picks up by using their social networks or by downloading software for their personal use. Another trend that calls for increased caution is the growing use of cloud computing, which demands data encryption, security around how data can be accessed and attention to the credentials of all IT support firms involved in the system.
The news from 2011 wasn’t all bad, though. The report found that the amount of spam dropped, largely thanks to law enforcement action against Rustock, a worldwide network that had sent huge amounts of spam. The percentage of email that was spa fell from 88.5 percent to 75.1 percent in 2011.