Cybercriminals literally leave no stone unturned, a recent report from the Anti-Phishing Working Group found.
As reported in TechNewsWorld, the report returned the alarming finding that roughly 33 percent of the world’s computers could likely have malware on them. The report reflects a four percent rise in malicious incursions from the last quarter and points to the ever-mounting threat posed by cybercriminals in a world of increased attack sophistication and limited power among authorities to keep incursions at bay.
Security expert Luis Corrons told TechNewsWorld that this rising number in infected machines shows that the creation of malware is an unstoppable criminal force.
“The creation of malware samples is skyrocketing,” he said. “It has doubled from the last quarter to the first quarter of this year.”
Here are some of the other statistics cited in the Working Group report that paint a rather bleak picture of the cybercriminal realm:
- Nearly 80 percent of new malware infections out there are Trojans, which Corrons said can be explained by the fact that, “At the end of the day, malware is created to steal information. Trojans are the most suitable malware to do that.” Corrons also pointed out that creators of Trojans are developing many unique strains, making it exceedingly difficult for antivirus software to pinpoint and suppress such a wide variety of versions.
- There are now more than 125,000 phishing sites out there, which represents the peak number of phishing platforms in existence in years. Each one of these site presents a potential threat to enterprise security.
Meanwhile, Separate Report Finds Breaches Increasingly Tied to Identity Fraud
As if the news that there are more malware attacks than ever weren’t enough, a separate report from the National Consumers League uncovered that malicious incursions are increasingly resulting in people’s identities getting stolen, according to Capital Public Radio.
According to the report — which covered 2013 — a full 33 percent of data attacks led to identity information being used maliciously.
John Breyault, a member of the group that carried out the report, said that the sheer number of victims whose identities are stolen places a responsibility on the federal government to enact better notification legislation so that customers and potential breach victims can be promptly notified if their personal data has possibly fallen into the clutches of a cybercriminal. By legally mandating breached organizations to be proactive about reaching out to possible victims, Breyault said such legislation could go a long way toward driving down the fallout from a breach.
In California such breach notification law already exists, and it’s been around since 2003. The state’s law stipulates that news of breaches impacting more than 500 victims must be transmitted from the breached business to the state.
But notification laws alone won’t do much to drive down cybercrime. After all, these various standards only come into play after an attack has happened. In order to actually mitigate the potentially devastating reality of an intrusion, all organizations are advised to implement enterprise security.