PUNE, INDIA: Symantec Corp.today announced the findings of its Internet Security Threat Report, Volume 16, which shows a massive threat volume of more than 286 million new threats last year, accompanied by several new mega trends in the threat landscape.

The report highlights dramatic increases in both the frequency and sophistication of targeted attacks on enterprises;  the continued growth of social networking sites as an attack distribution platform; and a change in  attackers’ infection tactics.  In addition, the report explores how attackers are exhibiting a notable shift in focus toward mobile devices.

“The growing prevalence and capabilities of the most visible cyber-events of 2010, Stuxnet and Hydraq, have turned the focus on protecting businesses and critical infrastructure, “said Shantanu Ghosh, vice president, India Product Operations, Symantec. “As India Inc. rapidly takes to mobile computing and social networking it needs to be watchful about the vulnerabilities and threats these platforms present.”

India Highlights include:

2010: The Year of the Targeted Attack

In 2010, attackers launched targeted attacks against a diverse collection of publicly traded, multinational corporations and government agencies, as well as a surprising number of smaller companies.  In many cases, the attackers researched key victims within each corporation and then used tailored social engineering attacks to gain entry into the victims’ networks.  Due to their targeted nature, many of these attacks succeeded even when victim organizations had basic security measures in place.

While the high-profile targeted attacks of 2010 attempted to steal intellectual property or cause physical damage, many targeted attacks preyed on individuals for their personal information. For example, the report found that data breaches caused by hacking resulted in an average of more than 260,000 identities exposed per breach in 2010, nearly quadruple that of any other cause.

·       Removable drives, but not removable malware:  India was home to the third highest Stuxnet infections, after Iran and Indonesia. Stuxnet targeted sensitive information by exploiting a zero-day vulnerability in order to infect machines through removable drives.  The high infection statistics of Stuxnet in India can be attributed to the large number of computer users in the country relying on removable media for copying data. During the reporting period, Symantec observed that the majority of malware samples in India were spread through removable drives.