    ‘Spyware,’ Ransomware Top Threats but Defenders Slowly Improve

    By Robert Lemos - July 20, 2017

      Business email compromise, ransom-seeking criminals and questionable programs that collect information are three of the major threats facing companies in 2017, according to Cisco’s Midyear Cybersecurity Report, published on July 20.

      Malware and denial-of-service attacks aimed at forcing victims to pay a ransom—known as ransomware and ransom denial-of-service (RDoS), respectively—affect 49 percent of companies, according to the report, citing a study by Cisco research partner Radware. Part of the increase is due to attacks as a service—such as distributed DoS (DDoS)-as-a-service and ransomware-as-a-service—becoming the de facto approach for many cyber-criminals.

      “We are seeing tools going away, and instead we are seeing a lot of as-a-service models,” Francisco Artes, security business group architect at Cisco, told eWEEK.

      The report forecasts that attacks will become more destructive and focus more on easy-to-hack internet of things (IoT) devices. Combining both trends, destruction-as-a-service will become more popular, with permanent DoS attacks, such as BrickerBot, attempting to erase data and then flash the motherboard of targeted devices.

      The 90-page report brings together data from a variety of sources: Cisco internal research, government data and research from nearly a dozen partners, including RSA, Radware and Qualys.

      One major trend highlighted by the report is the danger of borderline spyware. Programs that seem legitimate but contain extensive spyware capabilities are becoming a larger problem, Cisco stated in the report. In a study of the network traffic of approximately 300 companies, Cisco found that more than 20 percent had at least one spyware infection. The most prevalent spyware programs were seemingly legitimate applications that exceeded their expected behavior—a description that could apply to many of the tracking services used by advertisers.

      “Although operators may market spyware as services designed to protect or otherwise help users, the true purpose of the malware is to track and gather information about users and their organizations—often without users’ direct consent or knowledge,” Artes said. “Spyware companies are known to sell or provide access to the data they collect, allowing third parties to harvest information with relative anonymity.”

      Six out of every 10 firms showing signs of spyware, for example, had a client compromised by the Hola service, which is advertised as a peer-to-peer virtual private network but allows remote code execution and the ability to download files while bypassing antivirus checking. Another prevalent spyware program is RelevantKnowledge, a browser plugin that collects information on the user’s browsing habits and is often installed through software bundling without the user’s knowledge.

      The developers behind malware are continuously modifying their programs and techniques to attempt to avoid detection. A new vector was introduced for each of the top four programs—Kryptik, Ramnit, Nemucod and Fereit—approximately every day. While the number of vectors focused on the Web gradually declined over the study period, the number of vectors through email increased.

      Overall, companies seem to be improving their defensive efforts. Firms focused on quickly fixing vulnerabilities have made great strides in reducing their attack surface area, according to the report. In 2017, companies took an average of 62 days to eliminate 80 percent of the known Adobe Flash vulnerabilities in their organizations, according to Cisco partner Qualys, a vulnerability management firm. While there seems to be little to celebrate in that response time, it used to take 308 days to reach the same benchmark in 2014.

      In addition, companies are getting better at detecting incidents in their networks. The average incident took 3.5 hours to be detected in May 2017, down from 39 hours in November 2015. The median time to detection (TTD) is the period between when a compromise happens and when the company’s security detects the incident.

      Robert Lemos
      Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.