Identity theft and ransomware are getting out of control

Symantec's new threat report is a real eye-opener

Symantec has published new research which makes some alarming revelations on the security front, including observations on the spread of ransomware and identity theft.

According to the company's Internet Security Threat Report, no less than half a billion digital identities were stolen or at least exposed over the course of last year, leaving a huge amount of people potentially vulnerable to fraud of one form or another.

That number does include an estimation of unreported breaches, but it's not unreasonable to assume that some organisations will try and keep things quiet, and Symantec says this is a conservative estimate.

We've been hearing a hell of a lot about ransomware lately, of course, and Symantec observed a sizeable rise in these attacks where a victim's files are encrypted and a ransom demand is made for the key – these incidents increased by 35% in 2015.

The security firm also said that malware multiplied at a "staggering rate" with 430 million fresh pieces of malware discovered last year. Zero-day vulnerabilities more than doubled, too, hitting a new record high of 54.

Tech support trickery

Fake technical support scams trebled in numbers last year, becoming more sophisticated with cybercriminals now sending out warning messages to smartphones, attempting to persuade potential victims to get in touch with fake call centres.

Kevin Haley, director, Symantec Security Response, noted that cybercriminal groups are running operations like proper businesses, having access to extensive resources and employing staff who are given working hours and even holidays.

Hayley commented: "We are even seeing low-level criminal attackers create call centre operations to increase the impact of their scams."

Symantec also commented on ransomware hitting not just PCs, but also Macs, Linux computers, and phones. As we noted yesterday, ransomware is becoming increasingly sophisticated and already uses 'semi-automatic' propagation to attack business networks, with fully self-propagating 'cryptoworms' expected to be menacing computers across the globe in the near-ish future.