Monday, October 21, 2013

Cyberattacks against major firms “double in one year


Cyber attacks have doubled in the year 2012-2013, according to a fraud report released by investigators Kroll – and a third of large companies still do not invest in security.

In a poll of senior executives from large, global companies, Kroll found that 35% of firms had been victims of external hackers. The figure for the previous year was 18%, according to a report by the Financial Times.
Cybercrime now hits one in five companies worldwide, according to data released by investigations firm Kroll – with information theft now causing major losses to many large companies.

Such attacks are typically “an inside job”, Kroll claims – in 39% of cases, the attacker is known to the firm, up from 37% last year.

Theft of information, such as in data breaches where usernames and passwords are stolen, is now second only to physical theft in terms of frauds suffered by companies worldwide.
It’s unclear, though,, whether such attacks are rising at enormous speed – or simply that companies are now aware they have happened.

“Companies are now far more aware of the situation and can identify what’s going on” said EJ Hilbert, Kroll’s UK head of cyber investigations. “But also there’s a lack of understanding of how [the attacks are] done.”

Just 68% of companies polled reported that they invested in IT security – with a third not investing at all.  Kroll said, “This  raises the question of how exposed the other third might be.”

ESET Researcher Stephen Cobb offers advice on securing valuable data in a blog here.
Kroll’s poll found that 75% of respondents felt “vulnerable” to hacking. Kroll polled 900 senior executives from large companies around the world, many with revenues over $500m.

Ironically, Kroll  may have been victims of information theft, according to a report by Brian Krebs – by hackers linked to the recent breach of Adobe’s systems.


“KrebsOnSecurity first became aware of the source code leak roughly one week ago,” Krebs wrote, “When this author – working in conjunction with fellow researcher Alex Holden, CISO of Hold Security LLC – discovered a massive 40 GB source code trove stashed on a server used by the same cyber criminals believed to have hacked into major data aggregators earlier this year, including LexisNexis, Dun & Bradstreet and Kroll. The hacking team’s server contained huge repositories of uncompiled and compiled code that appeared to be source code for ColdFusion and Adobe Acrobat.”

Share

Twitter Delicious Facebook Linkedin Stumbleupon Favorites More