Executive Briefings

More Than a Third of Global Cyber Attacks Aimed at Small Businesses, Research Shows

Thirty-six percent of all targeted attacks (58 per day) during the last six months were directed at businesses with 250 or fewer employees, according to the June 2012 Intelligence Report from Symantec. The figure was 18 percent at the end of December 2011.

During the first half of the year, the total number of daily targeted attacks continued to increase at a minimum rate of 24 percent with an average of 151 targeted attacks being blocked each day during May and June.

Large enterprises consisting of more than 2,500 employees are still receiving the greatest number of attacks, with an average 69 being blocked each day.

"There appears to be a direct correlation between the rise in attacks against smaller businesses and a drop in attacks against larger ones.

It almost seems attackers are diverting their resources directly from the one group to the other," said Paul Wood, cyber security intelligence manager at Symantec.

"It may be that your company is not the primary target, but an attacker may use your organization as a stepping-stone to attack another company. You do not want your business to be the weakest link in the supply chain. Information is power, and the attackers know this, and successful attacks can result in significant financial advantage for the cyber criminals behind them. Access to intellectual property and strategic intelligence can give them huge advantages in a competitive market," Wood said.

The defense industry has been the targeted industry of choice in the first half of the year, with an average of 7.3 attacks per day. The chemical/pharmaceutical and manufacturing sector maintain the number two and three spots. These targets have clearly received a smaller percentage of overall attention than in 2011, but the chemical/pharmaceutical sector is still hit by 1 in every 5 targeted attacks, while manufacturing still accounts for almost 10 percent of all targeted attacks.

"It is important to remember that although on the increase, targeted attacks are still very rare. Targeted attacks use customized malware and refined targeted social engineering to gain unauthorized access to sensitive information. We regard this as the next evolution of social engineering, where victims are researched in advance and specifically targeted," Wood said.

Other report Highlights:

Spam: In June, the global ratio of spam in email traffic fell by 1.0 percentage point since May, to 66.8 percent (1 in 1.5 emails). This follows the continuing trend of global spam levels diminishing gradually since the latter part of 2011.

Phishing: In June, the global phishing rate increased by 0.04 percentage points, taking the global average rate to one in 467.6 emails (0.21 percent) that comprised some form of phishing attack.

E-mail-borne threats: The global ratio of email-borne viruses in email traffic was one in 316.5 emails (0.31 percent) in June, an increase of 0.04 percentage points since May. In June, 27.4 percent of email-borne malware contained links to malicious Web sites, 1.2 percentage points lower than May.

Web-based malware threats: In June, Symantec Intelligence identified an average of 2,106 Web sites each day harboring malware and other potentially unwanted programs including spyware and adware - a decrease of 51.7 percent since May.

Endpoint threats: The most frequently blocked malware for the last month was WS.Trojan.H(1), a generic, cloud-based, heuristic detection for files that possess characteristics of an as-yet unclassified threat.

Vertical Trends:

-- The Automotive sector was again the most spammed industry sector in June, with a spam rate of 69.7 percent;

-- The spam rate for the Chemical & Pharmaceutical sector was 66.8 percent, compared with 66.4 percent for IT Services, 66.0 percent for Retail, 67.2 percent for Public Sector and 66.2 percent for Finance.

Source: Symantec

During the first half of the year, the total number of daily targeted attacks continued to increase at a minimum rate of 24 percent with an average of 151 targeted attacks being blocked each day during May and June.

Large enterprises consisting of more than 2,500 employees are still receiving the greatest number of attacks, with an average 69 being blocked each day.

"There appears to be a direct correlation between the rise in attacks against smaller businesses and a drop in attacks against larger ones.

It almost seems attackers are diverting their resources directly from the one group to the other," said Paul Wood, cyber security intelligence manager at Symantec.

"It may be that your company is not the primary target, but an attacker may use your organization as a stepping-stone to attack another company. You do not want your business to be the weakest link in the supply chain. Information is power, and the attackers know this, and successful attacks can result in significant financial advantage for the cyber criminals behind them. Access to intellectual property and strategic intelligence can give them huge advantages in a competitive market," Wood said.

The defense industry has been the targeted industry of choice in the first half of the year, with an average of 7.3 attacks per day. The chemical/pharmaceutical and manufacturing sector maintain the number two and three spots. These targets have clearly received a smaller percentage of overall attention than in 2011, but the chemical/pharmaceutical sector is still hit by 1 in every 5 targeted attacks, while manufacturing still accounts for almost 10 percent of all targeted attacks.

"It is important to remember that although on the increase, targeted attacks are still very rare. Targeted attacks use customized malware and refined targeted social engineering to gain unauthorized access to sensitive information. We regard this as the next evolution of social engineering, where victims are researched in advance and specifically targeted," Wood said.

Other report Highlights:

Spam: In June, the global ratio of spam in email traffic fell by 1.0 percentage point since May, to 66.8 percent (1 in 1.5 emails). This follows the continuing trend of global spam levels diminishing gradually since the latter part of 2011.

Phishing: In June, the global phishing rate increased by 0.04 percentage points, taking the global average rate to one in 467.6 emails (0.21 percent) that comprised some form of phishing attack.

E-mail-borne threats: The global ratio of email-borne viruses in email traffic was one in 316.5 emails (0.31 percent) in June, an increase of 0.04 percentage points since May. In June, 27.4 percent of email-borne malware contained links to malicious Web sites, 1.2 percentage points lower than May.

Web-based malware threats: In June, Symantec Intelligence identified an average of 2,106 Web sites each day harboring malware and other potentially unwanted programs including spyware and adware - a decrease of 51.7 percent since May.

Endpoint threats: The most frequently blocked malware for the last month was WS.Trojan.H(1), a generic, cloud-based, heuristic detection for files that possess characteristics of an as-yet unclassified threat.

Vertical Trends:

-- The Automotive sector was again the most spammed industry sector in June, with a spam rate of 69.7 percent;

-- The spam rate for the Chemical & Pharmaceutical sector was 66.8 percent, compared with 66.4 percent for IT Services, 66.0 percent for Retail, 67.2 percent for Public Sector and 66.2 percent for Finance.

Source: Symantec