Companies are struggling to fend off cyber attacks as hackers get faster, sneakier and more creative.
A new report from Internet security firm Symantec provides an alarming picture of how difficult it’s becoming for computer users to stay safe online.
Last year was a big one for high-profile cybercrime, from the Heartbleed bug to major corporate attacks, and Sony’s embarrassing hack.
Symantec’s analysis of security threats in 2014 revealed thieves are working faster than companies can defend themselves, and launching more malicious attacks than in previous years.
More than 317 million new pieces of malware — computer viruses or other malicious software — were created last year. That means nearly one million new threats were released each day.
Directed attacks and data breaches also grew. Five out of six large companies were targeted by cybercriminals, a 40% rise on the previous year. The mining industry was the world’s most targeted sector.
But it’s some of the newer scams that might make tech users particularly nervous. Here are a few examples:
Digital exortion: Cyberthieves are increasingly blackmailing victims and so-called ransomware attacks surged 113% last year. Hackers steal files or photos from a victim’s computer and demand a ransom — typically between $300 and $500 — in exchange for a key to decrypt their files.
Sophisticated attacks: Hackers are breaching networks with more targeted, selective attacks. Here’s a common ploy: Hackers hide malware inside software updates and wait for user to install the update — meaning companies are essentially infecting themselves.
Social media: Scams on social platforms are also on the rise. Victims do the work of the cybercriminals by sharing videos or stories with their friends that include links to sketchy sites. Symantec said these lucrative swindles spread rapidly because people are more likely to click on something posted by a friend.
“Likejacking” is another one: Using fake “like” buttons, hackers trick people into clicking on website buttons that install malware and may post updates on a user’s news feed, spreading the attack.