Cisco Warns of Internet Dangers That Are Easily Preventable
A string of recent attacks against oil and gas companies as well as the recent Cryptolocker ransomware incident are examples of current threats that Cisco researchers are now warning about.While there is a certain amount of focus by security vendors on zero-day threats that have not yet been patched, networking giant Cisco Systems doesn't want people to forget about the need for good Internet hygiene to protect against all the other types of online threats. In a press briefing today, Craig Williams, technical leader of Threat Research Analysis & Communications (TRAC) at Cisco, talked about three recent sets of attacks, all of which could have been prevented if the victims had properly followed a few simple Internet security best practices. One of the attacks, known as a "watering hole" attack, targeted oil and gas companies. In a watering hole attack, a commonly visited Website (the watering hole) is infected with some form of malware, which is then distributed to all subsequent visitors to the site. Cisco TRAC discovered 10 Websites in the oil and gas sector that had become watering hole sites. Williams did not specifically identify all 10 sites, though he did note that they include a large firm with operations in Africa, Morocco and Brazil; a natural gas power station in the U.K.; and a gas distributor in France.