In April, Symantec released its latest Internet Security Threat Report. The report included cumulative security data from 2012 and provided insight into what can be expected in 2013. There were several major shifts across the Internet security landscape in 2012.
The Median Number of Profiles Stolen Per Data Breach Increased by 350%
Experts quickly pointed out the number of identities stolen per breach in 2012 decreased significantly (604,826 stolen per breach). That statistic is misleading. 2011 was a record year for stolen identities with 5 major data breaches in which more than 10 million identities were stolen. The median number of identities stolen per breach is a better statistic to consider. The median number of identities stolen per breach in 2012 increased 350% from 2,400 in 2011 to 8,350 in 2012.
Watering Hole Attacks – A Whole New Threat
The “Watering Hole Attack” is a new innovation in targeted attacks. This sophisticated approach to data theft targets consumers. It is a four step process:
- The attacker profiles their victim and the website they visit
- The attacker tests websites for vulnerabilities
- When a compromised site is found, the attacker injects malicious code to redirect the victim to a different site which hosts the exploit code
- The compromised site is now waiting to infect the profiled victim with a zero-day exploit
Drive By Downloads Increased by 30%
Web-based attacks, primarily drive by downloads, increased by 30% in 2012. The good news is the number of new vulnerabilities increased by only 6%, which means these attacks primarily affect consumers who do not update their software. These are not zero-day attacks. Symantec experts state the rise in web-based attacks is primarily due to the surge in malvertising.
Fake Offerings are the Most Popular Type of Social Media Attack
Scammers and spammers follow the crowd so they constantly have access to a large group of potential targets. In 2012, the most common type of attack was the fake offering. Scammers invite social network users to join a fake event or group. They incentivize their offer with the promise of a free gift card or discount. To join, users then share sensitive information with the attacker, such as their mobile phone number. This allows the attacker to send a text from the user’s phone to a premium rate number. Other popular social media attacks include manual sharing scams, likejacking, fake plug-in scams, and copy/paste scams.
Every Type of Mobile Attack Increased in 2012
The short story in mobile Internet security is every type of attack has increased. Threats which increased the most are android exploits, privacy leaks, premium number fraud, and mobile botnets. Taking mobile device security seriously is more important than ever.
The latest Symantec report highlights the ever-changing trends in Internet threats and security. 2012 introduced several new threats and highlighted the importance of online identity protection as attackers target consumers on all fronts. The best way to minimize the odds of becoming a target is by taking proactive steps to secure every device that connects to the Internet. One of those proactive steps is using a personal VPN for desktop and mobile devices.
VyprVPN provides a secure, encrypted connection to the Internet to protect user privacy and security. VyprVPN Desktop and Mobile apps make it easy to connect to VyprVPN with a single click or tap. Protect your Internet connection while at home or on the go!
Our approach is unique in the VPN industry – we own, engineer and manage our VPN servers so we can deliver the fastest VPN speeds in the world. We didn’t invent VPN, we optimized VyprVPN for modern broadband connections. Other VPN providers use 3rd party companies to host their VPN servers. We don’t. We are the only company who handles your data so your privacy and security are protected from end-to-end.