In today’s hyper-connected world, it’s no longer a question of if a business will be attacked—but when

According to Symantec’s Internet Security Threat Report (ISTR) released today, targeted attacks against large companies grew by 40 percent last year. This marks a tactical shift by cyberattackers, who are infiltrating networks and evading detection by hijacking the infrastructure of major corporations and using it against them.

Other highlights include:

• There was a record high of 24 zero-day vulnerabilities discovered in 2014, and it took vendors an average of 59 days to create and roll out patches—up from only four days in 2013.
• Cybercriminals continued to favor more lucrative and aggressive attack methods like ransomware, which increased 113 percent.
• Attackers tricked companies into infecting themselves by Trojanizing software updates to common programs and patiently waiting for their targets to download them—giving attackers unfettered access to corporate networks.

The ISTR is Symantec’s largest annual research report that provides an overview and analysis of the past year in global threat activity, including emerging trends in attacks, malicious code activity, phishing and spam.  Visit http://www.symantec.com/security_response/publications/threatreport.jsp