Cyber Attackers exploiting Security Gaps very Quickly: Symantec

By Gizbot Bureau
|

Cyber attackers are infiltrating networks and evading detection by hijacking the infrastructure of major corporations and using it against them besides exploiting vulnerabilities within a very short time, a security and anti-virus company said on Wednesday.

Cyber attackers exploiting security gaps very quickly: Symantec

"Attackers don't need to break down the door to a company's network when the keys are readily available," Tarun Kaura, director of technology sales of Symantec India, said.

Recommended: Most Facebook users at Cyberbullying Risk

"We're seeing attackers trick companies into infecting themselves by trojanizing software updates to common programmes and patiently waiting for their targets to download these - giving attackers unfettered access to the corporate network," he said.

Cyber attackers exploiting security gaps very quickly: Symantec

In a research conducted by the company, it was revealed that it took software companies an average of 59 days to create and roll out patches -- up from only four days in 2013.

Recommended: Cyber Criminals will soon Exploit IoT Networks: Websense

"Attackers took advantage of the delay and leapt to exploit the vulnerability within four hours. There were 24 'zero-day' vulnerabilities discovered in 2014, leaving an open playing field for attackers to exploit known security gaps before they were patched," it said.

Cyber attackers exploiting security gaps very quickly: Symantec

A zero-day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it -- this exploit is called a zero day attack.

Recommended: Top 10 Best Smartphones with Gorilla Glass Protection in India Under Rs 10,000

Uses of zero-day attacks can include infiltrating malware, spyware or allowing unwanted access to user information. The term "zero-day" refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.

According to the cybersecurity firm, globally advanced attackers continued to breach networks with highly-targeted spear-phishing attacks, which increased a total of eight percent in 2014.

"What makes last year particularly interesting is the precision of these attacks which used 20 percent fewer emails to successfully reach their targets and incorporated more drive-by malware downloads and other web-based exploits," it said.

According to the research, last year India moved up five places to become the 16th most bot-infected country worldwide.

"However, despite higher security awareness, the Indian metros reported close to 65 percent of infections across cities like Mumbai, Bangalore, Cochin, Hyderabad, Pune and Delhi."

"Countries that have a high number of bot-infected machines are often a source for Distributed Denial of Service attacks that attempt to make an online service unavailable by overwhelming it with traffic from multiple sources," the research revealed.

Source: IANS

Best Mobiles in India

Read More About: cyber symantec news technology

Best Phones

Get Instant News Updates
Enable
x
Notification Settings X
Time Settings
Done
Clear Notification X
Do you want to clear all the notifications from your inbox?
Yes No
Settings X
X