Font Size: A A A


Threat landscape

Simple attacks on IT that caused containable damage have given way to organised cyber-crime operations that are sophisticated, well-funded, and capable of significant economic and reputational damage to public and private sector victims.

That’s according to the Cisco 2014 Annual Security Report, released by the network IT product company last month. The report says that cybercriminals have learned that harnessing the power of Internet infrastructure yields far more than simply gaining access to a computer or device. These infrastructure-scale attacks seek to gain access to strategically positioned web hosting servers, name servers and data centres—with the goal of proliferating attacks across legions of individual assets served by these resources. By targeting Internet infrastructure, attackers undermine trust in everything connected to or enabled by it.

Java continues to be the most frequently exploited programming language targeted by online criminals. Data from Sourcefire, now a part of Cisco, shows that Java exploits make up the vast majority (91 percent) of Indicators of Compromise (IOCs).

Ninety-nine percent of all mobile malware targeted Android devices. At 43.8 percent, Andr/Qdplugin-A was the most frequently encountered mobile malware, typically via repackaged copies of legitimate apps distributed via non-official marketplaces.

The firm claims there’s a worldwide shortage of nearly a million skilled security professionals, affecting organisations’ abilities to monitor and secure networks. The company suggests rapidly evolving security challenges are faced by businesses, IT departments and users. Attacker methods include socially engineered theft of passwords and credentials, hide-in-plain-sight infiltrations, and exploitation of the trust required for economic transactions, government services and social interactions. The report claims that the sophistication of the technology and tactics used by online criminals—and their non-stop attempts to breach networks and steal data—have outpaced the ability of IT and security people to address these threats. Most businesses do not have the people or the systems to continuously monitor extended networks and detect infiltrations, and then apply protections, in a timely and effective manner. Specific sectors, such as the pharmaceutical and chemical industry and the electronics manufacturing, have historically had high malware encounter rates. In 2012 and 2013, there was remarkable growth in malware encounters for the agriculture and mining industry, formerly a relatively low-risk sector. Malware encounters also continued to rise in the energy, oil and gas sectors.

John N Stewart, senior vice president, chief security officer, Threat Response Intelligence and Development at Cisco, said: “Although the Cisco Annual Security Report paints a grim picture of the current state of cyber security, there is hope for restoring trust in people, institutions and technologies – and that starts with empowering defenders with real-world knowledge about expanding attack surfaces. To truly protect against all of these possible attacks, defenders must understand the attackers, their motivations and their methods – before, during and after an attack.”


Related News