Small Businesses At Risk From Targeted Local Attacks

News Release

Symantec report finds that more than a third of global targeted attacks are aimed against small businesses

Symantec Corp. (Nasdaq: SYMC) today announced the findings of its June 2012 Symantec Intelligence Report, which shows 36 percent of all targeted attacks (58 per day) during the last six months were directed at businesses with 250 or fewer employees. As reported in the recent ISTR, this figure was 18 percent at the end of December 2011.

During the first half of the year, the total number of daily targeted attacks continued to increase at a minimum rate of 24 percent with an average of 151 targeted attacks being blocked each day during May and June.

Large enterprises consisting of more than 2,500 employees are still receiving the greatest number of attacks, with an average 69 being blocked each day.

“There appears to be a direct correlation between the rise in attacks against smaller businesses and a drop in attacks against larger ones. It almost seems attackers are diverting their resources directly from the one group to the other,” said Paul Wood, cyber security intelligence manager, Symantec.

“It may be that your company is not the primary target, but an attacker may use your organisation as a stepping-stone to attack another company. You do not want your business to be the weakest link in the supply chain. Information is power, and the attackers know this, and successful attacks can result in significant financial advantage for the cyber criminals behind them. Access to intellectual property and strategic intelligence can give them huge advantages in a competitive market,” Wood said.

The defense industry (a sub category of the public sector) has been the targeted industry of choice in the first half of the year, with an average of 7.3 attacks per day.

The chemical/pharmaceutical and manufacturing sector maintain the number two and three spots. These targets have clearly received a smaller percentage of overall attention than in 2011, but the chemical/pharmaceutical sector is still hit by 1 in every 5 targeted attacks, while manufacturing still accounts for almost 10% of all targeted attacks.

“It is important to remember that although on the increase, targeted attacks are still very rare. Targeted attacks use customised malware and refined targeted social engineering to gain unauthorised access to sensitive information. We regard this as the next evolution of social engineering, where victims are researched in advance and specifically targeted,” Wood added.



Other Report Highlights:
Spam: In June, the global ratio of spam in email traffic fell by 1.0 percentage point since May, to 66.8 percent (1 in 1.5 emails). This follows the continuing trend of global spam levels diminishing gradually since the latter part of 2011.

Phishing: In June, the global phishing rate increased by 0.04 percentage points, taking the global average rate to one in 467.6 emails (0.21 percent) that comprised some form of phishing attack.

E-mail-borne Threats: The global ratio of email-borne viruses in email traffic was one in 316.5 emails (0.31 percent) in June, an increase of 0.04 percentage points since May. In June, 27.4 percent of email-borne malware contained links to malicious Web sites, 1.2 percentage points lower than May.

Web-based Malware Threats: In June, Symantec Intelligence identified an average of 2,106 web sites each day harboring malware and other potentially unwanted programmes including spyware and adware; a decrease of 51.7 percent since May.

Endpoint Threats: The most frequently blocked malware for the last month was WS.Trojan.H1. WS.Trojan.H is a generic, cloud-based, heuristic detection for files that possess characteristics of an as-yet unclassified threat.

Geographical Trends:
Spam
• As the global spam rate decreased, Hungary was the most spammed geography in June, with a spam rate of 74.3 percent.
• In the US, 66.4 percent of email was spam and 66.5 percent in Canada.
• The spam level in the UK was 67.2 percent.
• In the Netherlands, spam accounted for 68.9 percent of email traffic, 66.3 percent in Germany and 66.0 percent in Denmark.
• In Australia 66.1 percent of email was blocked as spam, 65.9 percent in Hong Kong and 65.8 percent in Singapore, compared with 63.4 percent in Japan.
• Spam accounted for 66.8 percent of email traffic in South Africa and 71.0 percent in Brazil.

Phishing
• The Netherlands was the country most targeted in June, with one in 54.4 emails identified as phishing attacks.
• Phishing levels for the US reached one in 1,261.5 and one in 332 for Canada.
• In Germany phishing levels were one in 1,043.7, one in 478.2 in Denmark.
• In Australia, phishing activity accounted for one in 708.2 emails and one in 1,182.9 in Hong Kong; for Japan it was one in 8,005.7 and one in 2,679 for Singapore.
• In Brazil one in 713 emails was blocked as phishing. In South Africa it was 1 in 170.9 emails.

E-mail-borne Threats
• The Netherlands was the geography with the highest ratio of malicious email activity in June, with one in 48.6 emails identified as malicious.
• In the UK, one in 209.9 emails was identified as malicious, compared with South Africa, where one in 414.1 emails was blocked as malicious.
• The virus rate for email-borne malware in the US was one in 570.2 and one in 271.3 in Canada.
• In Germany virus activity reached one in 385.4 and one in 438.4 in Denmark.
• In Australia, one in 598.3 emails was malicious. For Japan the rate was one in 2,372.8, compared with one in 862.7 in Singapore.
• In Brazil, one in 403.8 emails contained malicious content.

Vertical Trends:
• The automotive sector was again the most spammed industry sector in June, with a spam rate of 69.7 percent; the spam rate for the education sector was 68.2 percent.
• The spam rate for the chemical & pharmaceutical sector was 66.8 percent, compared with 66.4 percent for it services, 66.0 percent for retail, 67.2 percent for public sector and 66.2 percent for finance.
• The public sector remained the most targeted by phishing activity in June, with one in 113.9 emails comprising a phishing attack.
• Phishing levels for the chemical & pharmaceutical sector reached one in 1,201.2 and one in 986.8 for the it services sector, one in 835.3 for retail, one in 330.6 for education, one in 247.5 for finance, and one in 2,114.3 for the automotive industry.
• With one in 89.8 emails being blocked as malicious, the public sector remained the most targeted industry in June.
• The virus rate for the chemical & pharmaceutical sector reached one in 402.1 and one in 502.1 for the it services sector; one in 522.0 for retail, one in 219.8 for education and one in 204.2 for finance.

Market Trends:
• The spam rate for small to medium-sized businesses (1-250) was 66.4 percent, compared with 66.9 percent for large enterprises (2500+).
• Phishing attacks targeting small to medium-sized businesses accounted for one in 401.6 emails, compared with one in 402.9 for large enterprises.
• Malicious email-borne attacks destined for small to medium-sized businesses accounted for one in 306.8 emails, compared with one in 269.0 for large enterprises.

The June Symantec Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends.

Related
• SlideShare Presentation: June 2012 Symantec Intelligence Report
• Symantec.cloud Global Threats
• Symantec.cloud Intelligence Reports
• Symantec.cloud In the News
• Symantec.cloud Podcasts

Connect with Symantec
• Follow Symantec on Twitter
• Join Symantec on Facebook
• View Symantec’s SlideShare Channel
• Subscribe to Symantec News RSS Feed
• Visit Symantec Connect Business Community
About Symantec Intelligence Report
The Symantec Intelligence report provides the latest analysis of cyber security threats, trends and insights from the Symantec Intelligence team concerning malware, spam, and other potentially harmful business risks. The data used to compile the analysis for this combined report includes data from May and June 2012.

About Symantec
Symantec protects the world’s information, and is the global leader in security, backup and availability solutions. Our innovative products and services protect people and information in any environment – from the smallest mobile device, to the enterprise data center, to cloud-based systems. Our industry-leading expertise in protecting data, identities and interactions gives our customers confidence in a connected world. More information is available at www.symantec.com or by connecting with Symantec at: go.symantec.com/socialmedia.

ends

© Scoop Media