SlideShare uma empresa Scribd logo
1 de 19
Baixar para ler offline
SYMANTEC INTELLIGENCE REPORT
JULY 2015
2 | July 2015
Symantec Intelligence Report
3		Summary
4	 July in Numbers
5		Targeted Attacks & Phishing
5	 Top 10 Industries Targeted in Spear-Phishing Attacks
5	 Spear-Phishing Attacks by Size of Targeted Organization
6	 Phishing Rate
6	 Proportion of Email Traffic Identified as Phishing by Industry Sector
7	 Proportion of Email Traffic Identified as Phishing by Organization Size
8		Vulnerabilities
8	 Total Number of Vulnerabilities
8	 Zero-Day Vulnerabilities
9	 Vulnerabilities Disclosed in Industrial Control Systems
10		Malware
10	 New Malware Variants
10	 Top 10 Mac OSX Malware Blocked on OSX Endpoints
11	 Ransomware Over Time
11	 Crypto-Ransomware Over Time
12	 Proportion of Email Traffic in Which Malware Was Detected
12	 Percent of Email Malware as URL vs. Attachment by Month
13	 Proportion of Email Traffic Identified as Malicious by Industry Sector
13	 Proportion of Email Traffic Identified as
Malicious by Organization Size
14		Mobile & Social Media
14	 Android Mobile Malware Families by Month
14	 New Android Variants per Family by Month
15	 Social Media
16		Spam
16	 Overall Email Spam Rate
16	 Proportion of Email Traffic Identified as Spam by Industry Sector
17	 Proportion of Email Traffic Identified as Spam by Organization Size
18		About Symantec
18		More Information
Welcome to the July edition of the Symantec
Intelligence report. Symantec Intelligence aims
to provide the latest analysis of cyber security
threats, trends, and insights concerning malware,
spam, and other potentially harmful business
risks.
Symantec has established the most comprehensive
source of Internet threat data in the world through
the Symantec™ Global Intelligence Network,
which is made up of more than 57.6 million attack
sensors and records thousands of events per
second. This network monitors threat activity
in over 157 countries and territories through a
combination of Symantec products and services
such as Symantec DeepSight™ Intelligence,
Symantec™ Managed Security Services, Norton™
consumer products, and other third-party data
sources.
3 | July 2015
Symantec Intelligence Report
Summary
Last month we reported how the spam rate had dropped below 50 percent of email traffic.
Almost as if in response to this seemingly watershed moment, the spam rate went up slightly
in July, just crossing the midpoint mark again with a percentage of 50.1. While this is the
first time the spam rate have increased in more than a year, we still anticipate that the rate
will continue its slow, downward trajectory in the months to come.
The Manufacturing and Wholesale industries both saw significant increases in targeted
attack activity in July, where both industries were up eight percentage points from June.
Enterprises with more than 2500 employees were the most commonly targeted organization
size during the month.
The number of vulnerabilities disclosed was up as well in July. There were 579 vulnerabilities
reported, in comparison to 526 in June. Of particular note were six zero-day vulnerabilities
discovered during the month—the highest number seen in more than a year. Four of these
zero-day vulnerabilities—three for Adobe Flash Player and one for Microsoft Windows—
were discovered in the data cache of the Italian covert surveillance and espionage software
company, Hacking Team, which suffered a data breach in early July.
There were 53.7 million new pieces of malware discovered in July. While down slightly from
June, this is still well above the 40.3 million average seen over the last twelve months.
Ransomware has also declined slightly this month, though there have been modest increases
in the amount of crypto-ransomware seen in July. There was also a slight decrease in
malware detected in email traffic during the month, though the Agriculture, Forestry, &
Fishing industry remained on top of the list of sectors most likely to receive malicious emails.
In contrast, four mobile malware families were released onto the mobile malware landscape
in July, the highest number seen in one month during 2015. The number of mobile malware
variants also continues to trend upwards, where 42 Android malware variants were seen per
family during July.
We hope that you enjoy this month’s report and feel free to contact us with any comments or
feedback.
Ben Nahorney, Cyber Security Threat Analyst
symantec_intelligence@symantec.com
4 | July 2015
Symantec Intelligence Report
JULYINNUMBERS
5 | July 2015
Symantec Intelligence Report
 The Manufacturing and
Wholesale sectors where the
first and second most targeted
industries in July. These
industries each saw an eight
percentage point increase in
spear-phishing attacks.
Top 10 Industries Targeted in Spear-Phishing Attacks
Source: Symantec
Nonclassifiable Establishments
Public Administration
Construction
Retail
Transportation, Communications,
Electric, Gas,  Sanitary Services
Services - Non Traditional
Finance, Insurance,
 Real Estate
Services - Professional
Wholesale
Manufacturing
30%
22
9
17
13
12
17
11
17
6
8
5
12
7
2
2
0
2
3
2
July June
Top 10 Industries Targeted in Spear-Phishing Attacks
 Large enterprises were the target
of 34.1 percent of spear-phishing
attacks in July, up from 25.1
percent in June. In contrast, 33.2
percent of attacks were directed
at organizations with less than
250 employees.
Company Size July June
1-250 33.2% 38.1%
251-500 12.6% 15.2%
501-1000 7.7% 9.0%
1001-1500 3.0% 9.9%
1501-2500 9.3% 2.7%
2501+ 34.1% 25.1%
Spear-Phishing Attacks by Size of Targeted Organization	
Source: Symantec
Spear-Phishing Attacks by Size of Targeted Organization
Targeted Attacks  Phishing
6 | July 2015
Symantec Intelligence Report
Phishing Rate Inverse Graph: Smaller Number = Greater Risk
Source: Symantec
400
800
1200
1600
2000
2400
2800
JJMAMFJ
2015
DNOSA
1IN
1587
2041
1610
1517
1004
1465
2666
2057
1865
2448
1628
647
Phishing Rate
 The overall phishing rate has
increased this month, where one
in 1,628 emails was a phishing
attempt.
Industry July June
Agriculture, Forestry,  Fishing 1 in 837.1 1 in 1,469.9
Services - Non Traditional 1 in 1,320.5 1 in 3,977.5
Finance, Insurance,  Real Estate 1 in 1,357.6 1 in 2,901.7
Public Administration 1 in 1,359.2 1 in 2,367.3
Nonclassifiable Establishments 1 in 1,564.4 1 in 2,753.1
Services - Professional 1 in 1,566.8 1 in 2,750.3
Mining 1 in 2,017.1 1 in 3,120.1
Construction 1 in 2,241.5 1 in 3,003.1
Wholesale 1 in 2,343.8 1 in 4,142.5
Transportation, Communications,
Electric, Gas,  Sanitary Services
1 in 3,114.3 1 in 4,495.4
Proportion of Email Traffic Identified as Phishing
by Industry Sector
Source: Symantec.cloud
Proportion of Email Traffic Identified as Phishing by Industry Sector
 The Agriculture, Forestry, 
Fishing sector was again the
most targeted Industry overall for
phishing attempts in July, where
phishing comprised one in every
837.1 emails. This rate has been
higher than any other industry
since April.
7 | July 2015
Symantec Intelligence Report
Company Size July June
1–250 1 in 1,288.9 1 in 1,552.5
251–500 1 in 1,613.7 1 in 2,553.7
501–1000 1 in 1,899.6 1 in 3,051.4
1001–1500 1 in 2,209.9 1 in 3,443.2
1501–2500 1 in 2,045.5 1 in 3,552.6
2501+ 1 in 1,872.3 1 in 3,624.5
Proportion of Email Traffic Identified as Phishing
by Organization Size
Source: Symantec.cloud
Proportion of Email Traffic Identified as Phishing by Organization Size
 Small companies with less than
250 employees were again the
most targeted organization size
in July.
8 | July 2015
Symantec Intelligence Report
 The number of vulnerabilities
disclosed increased in July, up
from 526 in June to 579 reported
during the month.
Total Number of Vulnerabilities
Source: Symantec
100
200
300
400
500
600
JJMAMFJ
2015
DNOSA
399
600 596
428
562
471 469
540
579
526
579
457
Total Number of Vulnerabilities
Vulnerabilities
Zero-Day Vulnerabilities
 There were six zero-day
vulnerabilities disclosed in July,
three of which exploit the Adobe
Flash Player.
Zero-Day Vulnerabilities
Source: Symantec
1
2
3
4
5
6
7
JJMAMFJ
2015
DNOSA
0 0
2
0
1
2
1 1 1
0
6
3
9 | July 2015
Symantec Intelligence Report
Vulnerabilities Disclosed in Industrial Control Systems
Source: Symantec
1
2
3
4
JJMAMFJ
2015
DNOSA
1
2
3
4
1
2
3
1 1
2
1
1 1
1
Vulnerabilities
Unique Vendors
 Three vulnerabilities in industrial
control systems were reported by
one vendor in July.
Vulnerabilities Disclosed in Industrial Control Systems
Methodology
In some cases the details of a vulnerability are not publicly disclosed during the same month that
it was initially discovered. In these cases, our vulnerability metrics are updated to reflect the time
that the vulnerability was discovered, as opposed to the month it was disclosed. This can cause
fluctuations in the numbers reported for previous months when a new report is released.
10 | July 2015
Symantec Intelligence Report
New Malware Variants
 OSX.RSPlug.A continues to be
the most commonly seen OS X
threat seen on OS X endpoints
in July.
Rank Malware Name
July
Percentage
Malware Name
June
Percentage
1 OSX.RSPlug.A 61.9% OSX.RSPlug.A 29.5%
2 OSX.Wirelurker 10.0% OSX.Keylogger 11.6%
3 OSX.Crisis 8.4% OSX.Klog.A 8.9%
4 OSX.Keylogger 4.8% OSX.Luaddit 7.8%
5 OSX.Klog.A 3.5% OSX.Wirelurker 7.1%
6 OSX.Luaddit 1.8% OSX.Flashback.K 5.4%
7 OSX.Stealbit.B 1.3% OSX.Stealbit.B 4.3%
8 OSX.Flashback.K 1.3% OSX.Freezer 3.2%
9 OSX.Freezer 1.1% OSX.Netweird 2.9%
10 OSX.Netweird 0.8% OSX.Okaz 2.5%
Top 10 Mac OS X Malware Blocked on OS X Endpoints
Source: Symantec
Top 10 Mac OSX Malware Blocked on OSX Endpoints
Malware
New Malware Variants
Source: Symantec
10
20
30
40
50
60
70
80
JJMAMFJ
2015
DNOSA
57.6
53.7
31.7
26.6
35.9
44.7
33.7
26.5
35.8
29.2
44.5
63.6
MILLIONS
 There were more than 53.7
million new pieces of malware
created in July. While down from
June, this is still well above the
40.3 million average seen over
the last twelve months.
11 | July 2015
Symantec Intelligence Report
Ransomware Over Time
 Ransomware attacks were down
slightly in July, where over 413
thousand attacks were detected.
Ransomware Over Time
Source: Symantec
100
200
300
400
500
600
700
800
JJMAMFJ
2015
DNOSA
477
413
669
734
693
756
399
544
354
248
297
738
THOUSANDS
Crypto-Ransomware Over Time
 Crypto-ransomware was up
during July, setting another high
for 2015.
Crypto-Ransomware Over Time
Source: Symantec
10
20
30
40
50
60
70
80
JJMAMFJ
2015
DNOSA
31
34
46
62
72
36
20
28
21 23
16
48
THOUSANDS
12 | July 2015
Symantec Intelligence Report
Proportion of Email Traffic in Which Malware Was Detected
 The proportion of email traffic
containing malware decreased
again this month, down to the
lowest levels seen since October
of last year.
100
150
200
250
300
350
400
JJMAMFJ
2015
DNOSA
1IN
Proportion of Email Traffic in Which Malware Was Detected
Source: Symantec
Inverse Graph: Smaller Number = Greater Risk
319
337
270
351
329
195
207
237
274
246
207
246
Percent of Email Malware as URL vs. Attachment by Month
 The percentage of email malware
that contains a URL remained
low this month, hovering around
three percent.
Percent of Email Malware as URL vs. Attachment by Month
Source: Symantec
10
20
30
40
50
JJMAMFJ
2015
DNOSA
3
6
7
14
5
3
8
3 3 3 3
41
13 | July 2015
Symantec Intelligence Report
Industry July June
Agriculture, Forestry,  Fishing 1 in 252.7 1 in 231.6
Services - Non Traditional 1 in 280.1 1 in 365.3
Public Administration 1 in 288.9 1 in 245.9
Wholesale 1 in 333.3 1 in 301.6
Services - Professional 1 in 338.0 1 in 305.8
Construction 1 in 376.3 1 in 305.8
Transportation, Communications,
Electric, Gas,  Sanitary Services
1 in 392.4 1 in 230.2
Finance, Insurance,  Real Estate 1 in 416.4 1 in 481.5
Mining 1 in 438.3 1 in 371.5
Nonclassifiable Establishments 1 in 519.5 1 in 497.7
Proportion of Email Traffic Identified as Malicious
by Industry Sector
Source: Symantec.cloud
Proportion of Email Traffic Identified as Malicious by Industry Sector
 Agriculture, Forestry,  Fishing
was the most targeted sector in
July, where one in every 252.7
emails contained malware.
Company Size July June
1-250 1 in 275.8 1 in 255.6
251-500 1 in 259.5 1 in 232.9
501-1000 1 in 351.1 1 in 318.1
1001-1500 1 in 389.5 1 in 292.2
1501-2500 1 in 373.2 1 in 164.0
2501+ 1 in 401.7 1 in 472.4
Proportion of Email Traffic Identified as Malicious
by Organization Size
Source: Symantec.cloud
Proportion of Email Traffic Identified as Malicious by Organization Size
 Organizations with 251-500
employees were most likely to be
targeted by malicious email in
the month of July, where one in
259.5 emails was malicious.
14 | July 2015
Symantec Intelligence Report
Mobile  Social Media
1
2
3
4
5
6
7
8
9
JJMAMFJ
2015
DNOSA
Android Mobile Malware Families by Month
Source: Symantec
4
1
2
3
5
6
3
0
3
1
2
8
 In July there were four new
mobile malware families
discovered.
Android Mobile Malware Families by Month
 There was an average of 42
Android malware variants per
family in the month of in July.
10
20
30
40
50
JJMAMFJ
2015
DNOSA
New Android Variants per Family by Month
Source: Symantec
40
42
34 33
37 36
38 38 38 39 39
36
New Android Variants per Family by Month
15 | July 2015
Symantec Intelligence Report
Last 12 Months
Social Media
Source: Symantec
20
40
60
80
100
Comment
Jacking
Fake
Apps
LikejackingFake
Offering
Manual
Sharing
4
82
12
0.11.6
Manual Sharing – These rely on victims to actually do the work of sharing
the scam by presenting them with intriguing videos, fake offers or messages that they share
with their friends.
Fake Offering – These scams invite social network users to join a fake event or group
with incentives such as free gift cards. Joining often requires the user to share
credentials with the attacker or send a text to a premium rate number.
Likejacking – Using fake “Like” buttons, attackers trick users into clicking website
buttons that install malware and may post updates on a user’s newsfeed, spreading the attack.
Fake Apps – Users are invited to subscribe to an application that appears to be
integrated for use with a social network, but is not as described and may be used to steal
credentials or harvest other personal data.
Comment Jacking – This attack is similar to the Like jacking where the attacker tricks the
user into submitting a comment about a link or site, which will then be posted to his/her wall.
Social Media
 In the last twelve months, 82
percent of social media threats
required end users to propagate
them.
 Fake offerings comprised 12
percent of social media threats.
16 | July 2015
Symantec Intelligence Report
50 50 5150.1%
+.4% pts
49.7%
-1.8% pts
51.5%
-0.6% pts
July June May
Overall Email Spam Rate
Source: Symantec
Overall Email Spam Rate
 The overall email spam rate in
July was 50.1 percent, up 0.4
percentage points from June.
Spam
Industry July June
Mining 55.7% 56.1%
Manufacturing 53.8% 53.7%
Retail 53.0% 53.1%
Construction 53.0% 53.3%
Services - Professional 52.5% 52.6%
Agriculture, Forestry,  Fishing 52.2% 52.3%
Wholesale 52.1% 52.2%
Nonclassifiable Establishments 52.0% 52.5%
Finance, Insurance,  Real Estate 51.9% 51.9%
Services - Non Traditional 51.9% 53.0%
Proportion of Email Traffic Identified as Spam by Industry Sector
Source: Symantec.cloudProportion of Email Traffic Identified as Spam by Industry Sector
 At 55.7 percent, the Mining
sector again had the highest
spam rate during July. The
Manufacturing sector came in
second with 53.8 percent.
17 | July 2015
Symantec Intelligence Report
Company Size July June
1–250 52.3% 52.8%
251–500 52.6% 53.2%
501–1000 52.3% 52.4%
1001–1500 51.9% 51.9%
1501–2500 52.2% 52.1%
2501+ 52.4% 52.3%
Proportion of Email Traffic Identified as Spam by Organization Size
Source: Symantec.cloud
Proportion of Email Traffic Identified as Spam by Organization Size
 While all organization sizes had
around a 52 percent spam rate,
organizations with 251-500
employees had the highest rate
at 52.6 percent.
18 | July 2015
Symantec Intelligence Report
About Symantec
More Information
 Symantec Worldwide: http://www.symantec.com/
 ISTR and Symantec Intelligence Resources: http://www.symantec.com/threatreport/
 Symantec Security Response: http://www.symantec.com/security_response/
 Norton Threat Explorer: http://us.norton.com/security_response/threatexplorer/
Symantec Corporation (NASDAQ: SYMC) is an information protection expert that helps people,
businesses and governments seeking the freedom to unlock the opportunities technology brings
– anytime, anywhere. Founded in April 1982, Symantec, a Fortune 500 company, operating one of
the largest global data-intelligence networks, has provided leading security, backup and availability
solutions for where vital information is stored, accessed and shared. The company’s more than 20,000
employees reside in more than 50 countries. Ninety-nine percent of Fortune 500 companies are
Symantec customers. In fiscal 2014, it recorded revenues of $6.7 billion. To learn more go to
www.symantec.com or connect with Symantec at: go.symantec.com/socialmedia.
For specific country offices
and contact numbers,
please visit our website.
For product information in the U.S.,
call toll-free 1 (800) 745 6054.
Symantec Corporation World Headquarters
350 Ellis Street
Mountain View, CA 94043 USA
+1 (650) 527 8000
1 (800) 721 3934
www.symantec.com
Copyright © 2015 Symantec Corporation.
All rights reserved. Symantec, the Symantec Logo,
and the Checkmark Logo are trademarks or registered
trademarks of Symantec Corporation or its affiliates in
the U.S. and other countries. Other names may
be trademarks of their respective owners
04/15 21,500-21347932

Mais conteúdo relacionado

Mais de Symantec

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec
 

Mais de Symantec (20)

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 

Último

UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceMartin Humpolec
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?SANGHEE SHIN
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfAnna Loughnan Colquhoun
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.francesco barbera
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncObject Automation
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 

Último (20)

UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your Salesforce
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdf
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation Inc
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 

Symantec Intelligence Report July 2015

  • 2. 2 | July 2015 Symantec Intelligence Report 3 Summary 4 July in Numbers 5 Targeted Attacks & Phishing 5 Top 10 Industries Targeted in Spear-Phishing Attacks 5 Spear-Phishing Attacks by Size of Targeted Organization 6 Phishing Rate 6 Proportion of Email Traffic Identified as Phishing by Industry Sector 7 Proportion of Email Traffic Identified as Phishing by Organization Size 8 Vulnerabilities 8 Total Number of Vulnerabilities 8 Zero-Day Vulnerabilities 9 Vulnerabilities Disclosed in Industrial Control Systems 10 Malware 10 New Malware Variants 10 Top 10 Mac OSX Malware Blocked on OSX Endpoints 11 Ransomware Over Time 11 Crypto-Ransomware Over Time 12 Proportion of Email Traffic in Which Malware Was Detected 12 Percent of Email Malware as URL vs. Attachment by Month 13 Proportion of Email Traffic Identified as Malicious by Industry Sector 13 Proportion of Email Traffic Identified as Malicious by Organization Size 14 Mobile & Social Media 14 Android Mobile Malware Families by Month 14 New Android Variants per Family by Month 15 Social Media 16 Spam 16 Overall Email Spam Rate 16 Proportion of Email Traffic Identified as Spam by Industry Sector 17 Proportion of Email Traffic Identified as Spam by Organization Size 18 About Symantec 18 More Information Welcome to the July edition of the Symantec Intelligence report. Symantec Intelligence aims to provide the latest analysis of cyber security threats, trends, and insights concerning malware, spam, and other potentially harmful business risks. Symantec has established the most comprehensive source of Internet threat data in the world through the Symantec™ Global Intelligence Network, which is made up of more than 57.6 million attack sensors and records thousands of events per second. This network monitors threat activity in over 157 countries and territories through a combination of Symantec products and services such as Symantec DeepSight™ Intelligence, Symantec™ Managed Security Services, Norton™ consumer products, and other third-party data sources.
  • 3. 3 | July 2015 Symantec Intelligence Report Summary Last month we reported how the spam rate had dropped below 50 percent of email traffic. Almost as if in response to this seemingly watershed moment, the spam rate went up slightly in July, just crossing the midpoint mark again with a percentage of 50.1. While this is the first time the spam rate have increased in more than a year, we still anticipate that the rate will continue its slow, downward trajectory in the months to come. The Manufacturing and Wholesale industries both saw significant increases in targeted attack activity in July, where both industries were up eight percentage points from June. Enterprises with more than 2500 employees were the most commonly targeted organization size during the month. The number of vulnerabilities disclosed was up as well in July. There were 579 vulnerabilities reported, in comparison to 526 in June. Of particular note were six zero-day vulnerabilities discovered during the month—the highest number seen in more than a year. Four of these zero-day vulnerabilities—three for Adobe Flash Player and one for Microsoft Windows— were discovered in the data cache of the Italian covert surveillance and espionage software company, Hacking Team, which suffered a data breach in early July. There were 53.7 million new pieces of malware discovered in July. While down slightly from June, this is still well above the 40.3 million average seen over the last twelve months. Ransomware has also declined slightly this month, though there have been modest increases in the amount of crypto-ransomware seen in July. There was also a slight decrease in malware detected in email traffic during the month, though the Agriculture, Forestry, & Fishing industry remained on top of the list of sectors most likely to receive malicious emails. In contrast, four mobile malware families were released onto the mobile malware landscape in July, the highest number seen in one month during 2015. The number of mobile malware variants also continues to trend upwards, where 42 Android malware variants were seen per family during July. We hope that you enjoy this month’s report and feel free to contact us with any comments or feedback. Ben Nahorney, Cyber Security Threat Analyst symantec_intelligence@symantec.com
  • 4. 4 | July 2015 Symantec Intelligence Report JULYINNUMBERS
  • 5. 5 | July 2015 Symantec Intelligence Report The Manufacturing and Wholesale sectors where the first and second most targeted industries in July. These industries each saw an eight percentage point increase in spear-phishing attacks. Top 10 Industries Targeted in Spear-Phishing Attacks Source: Symantec Nonclassifiable Establishments Public Administration Construction Retail Transportation, Communications, Electric, Gas, Sanitary Services Services - Non Traditional Finance, Insurance, Real Estate Services - Professional Wholesale Manufacturing 30% 22 9 17 13 12 17 11 17 6 8 5 12 7 2 2 0 2 3 2 July June Top 10 Industries Targeted in Spear-Phishing Attacks Large enterprises were the target of 34.1 percent of spear-phishing attacks in July, up from 25.1 percent in June. In contrast, 33.2 percent of attacks were directed at organizations with less than 250 employees. Company Size July June 1-250 33.2% 38.1% 251-500 12.6% 15.2% 501-1000 7.7% 9.0% 1001-1500 3.0% 9.9% 1501-2500 9.3% 2.7% 2501+ 34.1% 25.1% Spear-Phishing Attacks by Size of Targeted Organization Source: Symantec Spear-Phishing Attacks by Size of Targeted Organization Targeted Attacks Phishing
  • 6. 6 | July 2015 Symantec Intelligence Report Phishing Rate Inverse Graph: Smaller Number = Greater Risk Source: Symantec 400 800 1200 1600 2000 2400 2800 JJMAMFJ 2015 DNOSA 1IN 1587 2041 1610 1517 1004 1465 2666 2057 1865 2448 1628 647 Phishing Rate The overall phishing rate has increased this month, where one in 1,628 emails was a phishing attempt. Industry July June Agriculture, Forestry, Fishing 1 in 837.1 1 in 1,469.9 Services - Non Traditional 1 in 1,320.5 1 in 3,977.5 Finance, Insurance, Real Estate 1 in 1,357.6 1 in 2,901.7 Public Administration 1 in 1,359.2 1 in 2,367.3 Nonclassifiable Establishments 1 in 1,564.4 1 in 2,753.1 Services - Professional 1 in 1,566.8 1 in 2,750.3 Mining 1 in 2,017.1 1 in 3,120.1 Construction 1 in 2,241.5 1 in 3,003.1 Wholesale 1 in 2,343.8 1 in 4,142.5 Transportation, Communications, Electric, Gas, Sanitary Services 1 in 3,114.3 1 in 4,495.4 Proportion of Email Traffic Identified as Phishing by Industry Sector Source: Symantec.cloud Proportion of Email Traffic Identified as Phishing by Industry Sector The Agriculture, Forestry, Fishing sector was again the most targeted Industry overall for phishing attempts in July, where phishing comprised one in every 837.1 emails. This rate has been higher than any other industry since April.
  • 7. 7 | July 2015 Symantec Intelligence Report Company Size July June 1–250 1 in 1,288.9 1 in 1,552.5 251–500 1 in 1,613.7 1 in 2,553.7 501–1000 1 in 1,899.6 1 in 3,051.4 1001–1500 1 in 2,209.9 1 in 3,443.2 1501–2500 1 in 2,045.5 1 in 3,552.6 2501+ 1 in 1,872.3 1 in 3,624.5 Proportion of Email Traffic Identified as Phishing by Organization Size Source: Symantec.cloud Proportion of Email Traffic Identified as Phishing by Organization Size Small companies with less than 250 employees were again the most targeted organization size in July.
  • 8. 8 | July 2015 Symantec Intelligence Report The number of vulnerabilities disclosed increased in July, up from 526 in June to 579 reported during the month. Total Number of Vulnerabilities Source: Symantec 100 200 300 400 500 600 JJMAMFJ 2015 DNOSA 399 600 596 428 562 471 469 540 579 526 579 457 Total Number of Vulnerabilities Vulnerabilities Zero-Day Vulnerabilities There were six zero-day vulnerabilities disclosed in July, three of which exploit the Adobe Flash Player. Zero-Day Vulnerabilities Source: Symantec 1 2 3 4 5 6 7 JJMAMFJ 2015 DNOSA 0 0 2 0 1 2 1 1 1 0 6 3
  • 9. 9 | July 2015 Symantec Intelligence Report Vulnerabilities Disclosed in Industrial Control Systems Source: Symantec 1 2 3 4 JJMAMFJ 2015 DNOSA 1 2 3 4 1 2 3 1 1 2 1 1 1 1 Vulnerabilities Unique Vendors Three vulnerabilities in industrial control systems were reported by one vendor in July. Vulnerabilities Disclosed in Industrial Control Systems Methodology In some cases the details of a vulnerability are not publicly disclosed during the same month that it was initially discovered. In these cases, our vulnerability metrics are updated to reflect the time that the vulnerability was discovered, as opposed to the month it was disclosed. This can cause fluctuations in the numbers reported for previous months when a new report is released.
  • 10. 10 | July 2015 Symantec Intelligence Report New Malware Variants OSX.RSPlug.A continues to be the most commonly seen OS X threat seen on OS X endpoints in July. Rank Malware Name July Percentage Malware Name June Percentage 1 OSX.RSPlug.A 61.9% OSX.RSPlug.A 29.5% 2 OSX.Wirelurker 10.0% OSX.Keylogger 11.6% 3 OSX.Crisis 8.4% OSX.Klog.A 8.9% 4 OSX.Keylogger 4.8% OSX.Luaddit 7.8% 5 OSX.Klog.A 3.5% OSX.Wirelurker 7.1% 6 OSX.Luaddit 1.8% OSX.Flashback.K 5.4% 7 OSX.Stealbit.B 1.3% OSX.Stealbit.B 4.3% 8 OSX.Flashback.K 1.3% OSX.Freezer 3.2% 9 OSX.Freezer 1.1% OSX.Netweird 2.9% 10 OSX.Netweird 0.8% OSX.Okaz 2.5% Top 10 Mac OS X Malware Blocked on OS X Endpoints Source: Symantec Top 10 Mac OSX Malware Blocked on OSX Endpoints Malware New Malware Variants Source: Symantec 10 20 30 40 50 60 70 80 JJMAMFJ 2015 DNOSA 57.6 53.7 31.7 26.6 35.9 44.7 33.7 26.5 35.8 29.2 44.5 63.6 MILLIONS There were more than 53.7 million new pieces of malware created in July. While down from June, this is still well above the 40.3 million average seen over the last twelve months.
  • 11. 11 | July 2015 Symantec Intelligence Report Ransomware Over Time Ransomware attacks were down slightly in July, where over 413 thousand attacks were detected. Ransomware Over Time Source: Symantec 100 200 300 400 500 600 700 800 JJMAMFJ 2015 DNOSA 477 413 669 734 693 756 399 544 354 248 297 738 THOUSANDS Crypto-Ransomware Over Time Crypto-ransomware was up during July, setting another high for 2015. Crypto-Ransomware Over Time Source: Symantec 10 20 30 40 50 60 70 80 JJMAMFJ 2015 DNOSA 31 34 46 62 72 36 20 28 21 23 16 48 THOUSANDS
  • 12. 12 | July 2015 Symantec Intelligence Report Proportion of Email Traffic in Which Malware Was Detected The proportion of email traffic containing malware decreased again this month, down to the lowest levels seen since October of last year. 100 150 200 250 300 350 400 JJMAMFJ 2015 DNOSA 1IN Proportion of Email Traffic in Which Malware Was Detected Source: Symantec Inverse Graph: Smaller Number = Greater Risk 319 337 270 351 329 195 207 237 274 246 207 246 Percent of Email Malware as URL vs. Attachment by Month The percentage of email malware that contains a URL remained low this month, hovering around three percent. Percent of Email Malware as URL vs. Attachment by Month Source: Symantec 10 20 30 40 50 JJMAMFJ 2015 DNOSA 3 6 7 14 5 3 8 3 3 3 3 41
  • 13. 13 | July 2015 Symantec Intelligence Report Industry July June Agriculture, Forestry, Fishing 1 in 252.7 1 in 231.6 Services - Non Traditional 1 in 280.1 1 in 365.3 Public Administration 1 in 288.9 1 in 245.9 Wholesale 1 in 333.3 1 in 301.6 Services - Professional 1 in 338.0 1 in 305.8 Construction 1 in 376.3 1 in 305.8 Transportation, Communications, Electric, Gas, Sanitary Services 1 in 392.4 1 in 230.2 Finance, Insurance, Real Estate 1 in 416.4 1 in 481.5 Mining 1 in 438.3 1 in 371.5 Nonclassifiable Establishments 1 in 519.5 1 in 497.7 Proportion of Email Traffic Identified as Malicious by Industry Sector Source: Symantec.cloud Proportion of Email Traffic Identified as Malicious by Industry Sector Agriculture, Forestry, Fishing was the most targeted sector in July, where one in every 252.7 emails contained malware. Company Size July June 1-250 1 in 275.8 1 in 255.6 251-500 1 in 259.5 1 in 232.9 501-1000 1 in 351.1 1 in 318.1 1001-1500 1 in 389.5 1 in 292.2 1501-2500 1 in 373.2 1 in 164.0 2501+ 1 in 401.7 1 in 472.4 Proportion of Email Traffic Identified as Malicious by Organization Size Source: Symantec.cloud Proportion of Email Traffic Identified as Malicious by Organization Size Organizations with 251-500 employees were most likely to be targeted by malicious email in the month of July, where one in 259.5 emails was malicious.
  • 14. 14 | July 2015 Symantec Intelligence Report Mobile Social Media 1 2 3 4 5 6 7 8 9 JJMAMFJ 2015 DNOSA Android Mobile Malware Families by Month Source: Symantec 4 1 2 3 5 6 3 0 3 1 2 8 In July there were four new mobile malware families discovered. Android Mobile Malware Families by Month There was an average of 42 Android malware variants per family in the month of in July. 10 20 30 40 50 JJMAMFJ 2015 DNOSA New Android Variants per Family by Month Source: Symantec 40 42 34 33 37 36 38 38 38 39 39 36 New Android Variants per Family by Month
  • 15. 15 | July 2015 Symantec Intelligence Report Last 12 Months Social Media Source: Symantec 20 40 60 80 100 Comment Jacking Fake Apps LikejackingFake Offering Manual Sharing 4 82 12 0.11.6 Manual Sharing – These rely on victims to actually do the work of sharing the scam by presenting them with intriguing videos, fake offers or messages that they share with their friends. Fake Offering – These scams invite social network users to join a fake event or group with incentives such as free gift cards. Joining often requires the user to share credentials with the attacker or send a text to a premium rate number. Likejacking – Using fake “Like” buttons, attackers trick users into clicking website buttons that install malware and may post updates on a user’s newsfeed, spreading the attack. Fake Apps – Users are invited to subscribe to an application that appears to be integrated for use with a social network, but is not as described and may be used to steal credentials or harvest other personal data. Comment Jacking – This attack is similar to the Like jacking where the attacker tricks the user into submitting a comment about a link or site, which will then be posted to his/her wall. Social Media In the last twelve months, 82 percent of social media threats required end users to propagate them. Fake offerings comprised 12 percent of social media threats.
  • 16. 16 | July 2015 Symantec Intelligence Report 50 50 5150.1% +.4% pts 49.7% -1.8% pts 51.5% -0.6% pts July June May Overall Email Spam Rate Source: Symantec Overall Email Spam Rate The overall email spam rate in July was 50.1 percent, up 0.4 percentage points from June. Spam Industry July June Mining 55.7% 56.1% Manufacturing 53.8% 53.7% Retail 53.0% 53.1% Construction 53.0% 53.3% Services - Professional 52.5% 52.6% Agriculture, Forestry, Fishing 52.2% 52.3% Wholesale 52.1% 52.2% Nonclassifiable Establishments 52.0% 52.5% Finance, Insurance, Real Estate 51.9% 51.9% Services - Non Traditional 51.9% 53.0% Proportion of Email Traffic Identified as Spam by Industry Sector Source: Symantec.cloudProportion of Email Traffic Identified as Spam by Industry Sector At 55.7 percent, the Mining sector again had the highest spam rate during July. The Manufacturing sector came in second with 53.8 percent.
  • 17. 17 | July 2015 Symantec Intelligence Report Company Size July June 1–250 52.3% 52.8% 251–500 52.6% 53.2% 501–1000 52.3% 52.4% 1001–1500 51.9% 51.9% 1501–2500 52.2% 52.1% 2501+ 52.4% 52.3% Proportion of Email Traffic Identified as Spam by Organization Size Source: Symantec.cloud Proportion of Email Traffic Identified as Spam by Organization Size While all organization sizes had around a 52 percent spam rate, organizations with 251-500 employees had the highest rate at 52.6 percent.
  • 18. 18 | July 2015 Symantec Intelligence Report About Symantec More Information Symantec Worldwide: http://www.symantec.com/ ISTR and Symantec Intelligence Resources: http://www.symantec.com/threatreport/ Symantec Security Response: http://www.symantec.com/security_response/ Norton Threat Explorer: http://us.norton.com/security_response/threatexplorer/ Symantec Corporation (NASDAQ: SYMC) is an information protection expert that helps people, businesses and governments seeking the freedom to unlock the opportunities technology brings – anytime, anywhere. Founded in April 1982, Symantec, a Fortune 500 company, operating one of the largest global data-intelligence networks, has provided leading security, backup and availability solutions for where vital information is stored, accessed and shared. The company’s more than 20,000 employees reside in more than 50 countries. Ninety-nine percent of Fortune 500 companies are Symantec customers. In fiscal 2014, it recorded revenues of $6.7 billion. To learn more go to www.symantec.com or connect with Symantec at: go.symantec.com/socialmedia.
  • 19. For specific country offices and contact numbers, please visit our website. For product information in the U.S., call toll-free 1 (800) 745 6054. Symantec Corporation World Headquarters 350 Ellis Street Mountain View, CA 94043 USA +1 (650) 527 8000 1 (800) 721 3934 www.symantec.com Copyright © 2015 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners 04/15 21,500-21347932