Beware: Cybercriminals now adopting ‘corporate best practices’

Cybercriminals are now adopting corporate best practices and establishing professional businesses to hoodwink and increase efficiency of their attacks against victims, Symantec’s Internet Security Threat Report (ISTR) has revealed.

According to the report, this new class of professional cybercriminal spans the entire ecosystem of attackers, extending the reach of enterprise and consumer threats and fueling the growth of online crime.

“Advanced criminal attack groups now echo the skill sets of nation-state attackers. They have extensive resources and a highly-skilled technical staff that operate with such efficiency that they maintain normal business hours and even take the weekends and holidays off,” Kevin Haley, director, Symantec Security Response says. “We are even seeing low-level criminal attackers create call center operations to increase the impact of their scams.”[quote font_size=”22″ font_style=”italic” align=”right” bgcolor=”#” color=”#” bcolor=”#” arrow=”yes”]Advanced professional attack groups are the first to leverage zero-day vulnerabilities, using them for their own advantage or selling them to lower-level criminals on the open market where they are quickly commoditized. In 2015, the number of zero-day vulnerabilities discovered more than doubled to a record-breaking 54, a 125 percent increase from the year before, reaffirming the critical role they play in lucrative targeted attacks.[/quote]

Advanced professional attack groups are the first to leverage zero-day vulnerabilities, using them for their own advantage or selling them to lower-level criminals on the open market where they are quickly commoditized. In 2015, the number of zero-day vulnerabilities discovered more than doubled to a record-breaking 54, a 125 percent increase from the year before, reaffirming the critical role they play in lucrative targeted attacks.

Zero-day vulnerabilities are flaws in a software which hackers quickly take advantage of before it is fixed by the software developer.

Meanwhile, malware increased at a staggering rate with 430 million new malware variants discovered in 2015. The sheer volume of malware proves that professional cyber criminals are leveraging their vast resources in attempt to overwhelm defenses and enter corporate networks.