In four months, 400 companies in the United States recorded 32 million attacks in the last four months, according to Fortinet’s cyber threats estimation program. The most vulnerable is the financial sector, which was targeted by more than 40% of attacks. Cybercriminals are also interested in the education and health sectors. Companies are increasingly aware of the risk. Nearly 10% of IT spending is spent on improving network security.
– Every sector can be and is a target of cybercriminals’ attacks, Fortinet’s director for Poland, Ukraine and Belarus, in an interview with – We conducted an analysis of 400 companies. Within 4 months, we recorded 32 million attempts of attacks on corporate networks, which gives the scale of about 700 attacks per day on each of them.
The Fortinet’s pilot stage of the cyber threats estimation program shows that companies from the financial sector are the most frequent victims of attacks (44%). Hackers use a “land-and-expand” strategy to break through and remain active in a given network. They also use advanced Trojans.
– Cybercriminals want to easily get money at the source. Stealing sensitive information is a practice that takes place practically every day. Hackers attack and steal such information as credit card numbers, bank debtors’ lists or photos of celebrities or politicians, and then trade them in public spaces. Often the websites of companies are compromised and hackers raise funds for other activities in this way – explains the expert.
Hackers are also interested in the education sector, where over 27% of attacks were carried out, and in the health sector (about 10% of attacks).
During the Fortinet analysis, it was found that one in six of the surveyed networks contains previously unidentified infected computer groups. The survey revealed the presence of 71 varieties of malicious software in networks, the most common of which were Conficker worm (5.2 thousand cases of infection), Nemucod trojan (4.2 thousand) and Zero Access (3.2 thousand).
– The first step to protection is to build awareness of threats within the company, among the management and employees. Then the company should assess the state of risk and possible losses. It would also be best to cooperate with external experts who will help the company to build a security policy and then implement a proper security system.
Sensitive company data is often attacked by multimedia streaming and social media activity. Peer-to-peer activity, primarily through online gaming, opens up networks to malware attached to applications and files downloaded from websites. During the analysis, over 357 thousand attempts of attacks through applications were identified.
The growing threat makes companies try to better prepare for possible attacks and invest in systems that aim to improve the security of the network.
– With globalisation and a growing number of Internet services, companies are increasingly spending more and more on security. In the structure of expenditure on IT it is about 10% of the budget. An increasingly common practice in the U.S. is the fact that the security measures are created before the company connects to the Internet, which until a few years ago was not a common practice.
Cybercriminals are increasingly targeting companies in the financial and education sectors
