Cyber crims adopt “best practice”

M24025-1A_C 001

M24025-1A_C 001

Hackers and cyber-criminals are acting a lot more professional and adopting all those annoying “best practice” systems and standards.

A new report says that the approach is improving the efficiency of their attacks against enterprises and consumers.

Kevin Haley, director, Symantec Security Response said that advanced criminal attack groups now echo the skill sets of nation-state attackers.

“They have extensive resources and a highly-skilled technical staff that operate with such efficiency that they maintain normal business hours and even take the weekends and holidays off. We are even seeing low-level criminal attackers create call center operations to increase the impact of their scams.”

These professional attack groups are the first to leverage zero-day vulnerabilities, using them for their own advantage or selling them to lower-level criminals on the open market where they are quickly commoditised.

In 2015, the number of zero-day vulnerabilities discovered more than doubled to a record-breaking 54, a 125 percent increase from the year before, reaffirming the critical role they play in lucrative targeted attacks, according to Symantec’s Internet Security Threat Report.

Meanwhile, malware increased at a staggering rate with 430 million new malware variants discovered in 2015. The sheer volume of malware proves that professional cybercriminals are leveraging their vast resources in attempt to overwhelm defenses and enter corporate networks.