Malicious Spam, Targeted Attacks Among Top Threats of 2014: Cisco

By Nathan Eddy  |  Posted 2014-01-23 Print this article Print

Organizations of all sizes are facing a greater attack surface, the growing proliferation and sophistication of attack models, and increasing complexity within the network, according to Cisco's latest annual security report. Many businesses are struggling to solidify a security vision supported by an effective strategy that uses new technologies, simplifies their architecture and operations, and strengthens their security teams, the report said. Cisco offers data on and insights into top security concerns such as shifts in malware, trends in vulnerabilities and the resurgence of distributed denial-of-service (DDoS) attacks. The report also looks at campaigns that target specific organizations, groups and industries, and the growing sophistication of those who attempt to steal sensitive information. Cisco concludes that adversaries are coming up with new methods for embedding their malware in networks, remaining undetected for long periods, and stealing data or disrupting critical systems. The report concludes with recommendations for examining security models holistically and gaining visibility across the entire attack continuum—before, during, and after an attack.

  • Malicious Spam, Targeted Attacks Among Top Threats of 2014: Cisco

    by Nathan Eddy
    1 - Malicious Spam, Targeted Attacks Among Top Threats of 2014: Cisco
  • Managing Compliance Is a Top Concern

    The most pervasive concern among chief information security officers (CISOs) may be the need to protect data that resides throughout an increasingly porous network, while spending precious resources on compliance. The report notes compliance alone is not equal to being secure—it is simply a minimum baseline focusing on the needs of a special regulated environment. Security, meanwhile, is an all-encompassing approach that covers all business activities.
    2 - Managing Compliance Is a Top Concern
  • Threat Alerts on the Rise

    Technology vendors and researchers are finding an increasing number of new vulnerabilities; the discoveries result from the greater emphasis on highly secure development lifecycle use, as well as improvements in the security of their own products. The higher number of new vulnerabilities may also be a sign that vendors are examining their product code and fixing vulnerabilities before products are released and their vulnerabilities exploited, the report said.
    3 - Threat Alerts on the Rise
  • Speedy Spam Is Still a Threat

    Spammers use speed as a tool to abuse email users' trust by delivering massive amounts of spam when news events or trends lower recipients' resistance to scams. For instance, Cisco found in the aftermath of the Boston Marathon bombing on April 15, 2013, two large-scale spam campaigns commenced—one on April 16 and another on April 17—designed to attract email users hungry for news of the event's impact.
    4 - Speedy Spam Is Still a Threat
  • Java Leads the Web Exploits Pack

    Data from Sourcefire, now part of Cisco, shows that Java exploits make up 91 percent of indicators of compromise (IoCs) that are monitored by Sourcefire's FireAMP solution for advanced malware analysis and protection. Java exploits far outstrip those detected in Adobe Flash or PDF documents, which are also popular vectors for criminal activity.
    5 - Java Leads the Web Exploits Pack
  • Maturation of BYOD Spurs Cyber-Crime

    Cisco security experts note that the more smartphones, tablets and other devices perform like traditional desktop and laptop computers, the easier it is to design malware for them. Apps are another area of concern; many users download mobile apps regularly without any thought of security, and mobility offers new ways for users and data to be compromised.
    6 - Maturation of BYOD Spurs Cyber-Crime
  • Targeted Attacks Continue to Persist

    Criminals go to great lengths to make sure targeted attacks go undetected, using methods that result in nearly imperceptible IoCs. Their methodical approach to gain entry into networks and carry out their mission involves an "attack chain"—the chain of events that leads up to and through the phases of an attack. Once these targeted attacks find a place in the network to hide, they efficiently carry out their tasks and usually conduct them without being noticed.
    7 - Targeted Attacks Continue to Persist
  • Pharmaceutical, Electronics Industries Are Prime Targets

    Cisco security experts report that malware targeting these two industry verticals typically is designed to help actors gain access to intellectual property, which they, in turn, use for competitive advantage or sell to the highest bidder. Protecting users against these attacks involves keeping machines and Web browsers fully patched to minimize the number of vulnerabilities that an attacker can exploit.
    8 - Pharmaceutical, Electronics Industries Are Prime Targets
  • Exploiting a Fragile, Expansive Ecosystem

    The newest twist in malicious exploits is to gain access to Web hosting servers, name servers and data centers—with the goal of taking advantage of the tremendous processing power and bandwidth they provide. Through this approach, exploits can reach many more unsuspecting computer users and have a far greater impact on the organizations targeted, whether the goal is to make a political statement, undermine an adversary or generate revenue. The report warns that one compromised hosting server can infect thousands of Websites and site owners around the world.
    9 - Exploiting a Fragile, Expansive Ecosystem
  • Malicious Traffic Detected in All Corporate Networks

    In a recent project reviewing Domain Name System (DNS) lookups originating from inside corporate networks, Cisco threat intelligence experts found that in every case, organizations showed evidence that their networks had been misused or compromised. For example, 100 percent of the business networks analyzed by Cisco had traffic going to Websites that host malware, while 92 percent show traffic to Web pages without content that typically host malicious activity. In addition, 96 percent of the networks reviewed showed traffic to hijacked servers.
    10 - Malicious Traffic Detected in All Corporate Networks
  • DDoS Attacks Increasing in Volume, Severity

    "DDoS attacks should be a top security concern for organizations in the public and private sector in 2014," John Stewart, senior vice president and chief security officer at Cisco, wrote in the report. "Expect future campaigns to be even more extensive and to last for extended periods. Organizations, particularly those that operate or have interests in industries that are already prime targets, such as financial services and energy, need to ask themselves, 'Can we be resilient against a DDoS attack?'"
    11 - DDoS Attacks Increasing in Volume, Severity

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel