Cyber Attackers exploiting Security Gaps very Quickly: Symantec

Posted By: Gizbot Bureau

    Cyber attackers are infiltrating networks and evading detection by hijacking the infrastructure of major corporations and using it against them besides exploiting vulnerabilities within a very short time, a security and anti-virus company said on Wednesday.

    Cyber attackers exploiting security gaps very quickly: Symantec

    "Attackers don't need to break down the door to a company's network when the keys are readily available," Tarun Kaura, director of technology sales of Symantec India, said.

    Recommended: Most Facebook users at Cyberbullying Risk

    "We're seeing attackers trick companies into infecting themselves by trojanizing software updates to common programmes and patiently waiting for their targets to download these - giving attackers unfettered access to the corporate network," he said.

    Cyber attackers exploiting security gaps very quickly: Symantec

    In a research conducted by the company, it was revealed that it took software companies an average of 59 days to create and roll out patches -- up from only four days in 2013.

    Recommended: Cyber Criminals will soon Exploit IoT Networks: Websense

    "Attackers took advantage of the delay and leapt to exploit the vulnerability within four hours. There were 24 'zero-day' vulnerabilities discovered in 2014, leaving an open playing field for attackers to exploit known security gaps before they were patched," it said.

    Cyber attackers exploiting security gaps very quickly: Symantec

    A zero-day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it -- this exploit is called a zero day attack.

    Recommended: Top 10 Best Smartphones with Gorilla Glass Protection in India Under Rs 10,000

    Uses of zero-day attacks can include infiltrating malware, spyware or allowing unwanted access to user information. The term "zero-day" refers to the unknown nature of the hole to those outside of the hackers, specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.

    According to the cybersecurity firm, globally advanced attackers continued to breach networks with highly-targeted spear-phishing attacks, which increased a total of eight percent in 2014.

    "What makes last year particularly interesting is the precision of these attacks which used 20 percent fewer emails to successfully reach their targets and incorporated more drive-by malware downloads and other web-based exploits," it said.

    According to the research, last year India moved up five places to become the 16th most bot-infected country worldwide.

    "However, despite higher security awareness, the Indian metros reported close to 65 percent of infections across cities like Mumbai, Bangalore, Cochin, Hyderabad, Pune and Delhi."

    "Countries that have a high number of bot-infected machines are often a source for Distributed Denial of Service attacks that attempt to make an online service unavailable by overwhelming it with traffic from multiple sources," the research revealed.

    Source: IANS

    Read More About: cyber symantec news technology

    Stay updated with latest technology news & gadget reviews - Gizbot

    We use cookies to ensure that we give you the best experience on our website. This includes cookies from third party social media websites and ad networks. Such third party cookies may track your use on Gizbot sites for better rendering. Our partners use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on Gizbot website. However, you can change your cookie settings at any time. Learn more