Symantec Report Says Huge Data Breaches, Targeted Attacks Defined 2013
Identities lost to breaches reached an all time high in 2013, while targeted attacks focused on a greater number of smaller groups, according to Symantec's annual Internet Security Threat Report.Attackers made off with more than 550 million identities in 2013, the largest loss to date, according to security firm Symantec's Internet Security Threat Report released on April 8. The return of "mega breaches" that resulted in the loss of 10 million or more records was a major trend identified by the company in its annual report. In 2013, there were eight mega breaches—such as the compromise of retail giant Target and that of software maker Adobe—outpacing the five large breaches in 2011. "The number of breaches this year far surpasses any other year," Kevin Haley, director of Symantec's security response group, said in a statement. "The numbers confirm what the news accounts of these breaches told us, that this is the worst year ever." The larger number of breaches was not the only trend in 2013. In addition, targeted attacks became more focused, with a greater number of attacks occurring, but averaging fewer emails per incident, the company said. Ransomware also exploded in 2013, growing by 500 percent in most part due to the popularity of the CryptoLocker attack among cyber-criminals.
While the number of small and medium businesses targeted by attackers climbed in 2013—reaching 61 percent of reported attacks, up from 50 percent in 2012—larger companies still had a higher chance of being attacked than smaller firms, the report stated. SMBs have a 1 in 5.2 chance of being attacked while larger companies have a 1 in 2.3 chance, according to the report.