Cyber attackers are infiltrating networks and evading detection by hijacking the infrastructure of major corporations and using it against them, and are also exploiting vulnerabilities within a very short time, said Symantec, a security and anti-virus company.
“Attackers don’t need to break down the door to a company’s network when the keys are readily available,” Tarun Kaura, director of Symantec India, said.
“We’re seeing attackers trick companies into infecting themselves by trojanizing software updates to common programmes and patiently waiting for their targets to download these – giving attackers unfettered access to the corporate network,” he said.
Research conducted by the company revealed that it took software companies an average of 59 days to create and roll out patches, up from only four days in 2013.
“Attackers took advantage of the delay and… leapt to exploit the vulnerability within four hours. There were 24 ‘zero-day’ vulnerabilities discovered in 2014, leaving an open playing field for attackers to exploit known security gaps before they were patched,” it said.
A zero-day vulnerability is a hole in software that is unknown to the vendor. Hackers exploit this security hole before the vendor becomes aware of it and hurries to fix it; such an exploit is called a zero-day attack.
Zero-day attacks can be used to plant malware or spyware, or to allow unwanted access to user information. The term “zero-day” refers to the fact that the hole is unknown to those outside the hackers, specifically the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.
According to the cybersecurity firm, advanced attackers globally continued to breach networks with highly targeted spear-phishing attacks, which increased by a total of eight percent in 2014.
“What makes last year particularly interesting is the precision of these attacks which used 20 percent fewer emails to successfully reach their targets and incorporated more drive-by malware downloads and other web-based exploits,” it said.
According to the research, last year India moved up five places to become the 16th most bot-infected country worldwide.
“However, despite higher security awareness, the Indian metros reported close to 65 percent of infections across cities like Mumbai, Bangalore, Cochin, Hyderabad, Pune and Delhi.”
“Countries that have a high number of bot-infected machines are often a source for Distributed Denial of Service attacks that attempt to make an online service unavailable by overwhelming it with traffic from multiple sources,” the research revealed.