Home » Cisco Security Report Shows Unprecedented Growth of Advanced Attacks and Malicious Traffic

Cyber Security NewsBanking/Finance/InsuranceConstruction, Real Estate, Property ManagementInfrastructure:Electric,Gas & WaterGovernment: Federal, State and LocalHospitals & Medical CentersPorts: Sea, Land, & AirRetail/Restaurants/ConvenienceSecurity NewswireTransportation/Logistics/Supply Chain/Distribution/ Warehousing

Cisco Security Report Shows Unprecedented Growth of Advanced Attacks and Malicious Traffic

January 16, 2014

No Comments

The Cisco 2014 Annual Security Report reveals that threats designed to take advantage of users’ trust in systems, applications and personal networks have reached startling levels.

According to the report, a worldwide shortage of nearly a million skilled security professionals is impacting organizations’ abilities to monitor and secure networks, while overall vulnerabilities and threats reached their highest levels since 2000.

The report reveals an increased sophistication and proliferation of the threat landscape. Simple attacks that caused containable damage have given way to organized cybercrime operations that are sophisticated, well-funded, and capable of significant economic and reputational damage to public and private sector victims.

In addition, there is an increased complexity of threats and solutions due to rapid growth in intelligent mobile device adoption and cloud computing that provide a greater attack surface than ever before. New classes of devices and new infrastructure architectures offer attackers opportunities to exploit unanticipated weaknesses and inadequately defended assets.

The report also reveals that cybercriminals have learned that harnessing the power of Internet infrastructure yields far more benefits than simply gaining access to individual computers or devices. These infrastructure-scale attacks seek to gain access to strategically positioned web hosting servers, nameservers and data centers—with the goal of proliferating attacks across legions of individual assets served by these resources. By targeting Internet infrastructure, attackers undermine trust in everything connected to or enabled by it.

Other report findings include:

Overall vulnerabilities and threatsreached the highest level since initial tracking began in May 2000. As of Oct. 2013, cumulative annual alert totals increased 14 percent year-over-year from 2012.

The report indicates a shortage of more than a million security professionalsacross the globe in 2014. The sophistication of the technology and tactics used by online criminals—and their nonstop attempts to breach networks and steal data—have outpaced the ability of IT and security professionals to address these threats. Most organizations do not have the people or the systems to continuously monitor extended networks and detect infiltrations, and then apply protections, in a timely and effective manner.

One-hundred percent of a sample of 30 of the world’s largest multinational company networks generated visitor traffic to Web sites that host malware. Ninety-six percent of networks reviewed communicated traffic to hijacked servers. Similarly, 92 percent transmitted traffic to Web pages without content, which typically host malicious activity.

Distributed Denial of Service (DDoS) attacks—which disrupt traffic to and from targeted websites and can paralyze ISPs—have increased in both volume and severity. Some DDoS attacks seek to conceal other nefarious activity, such as wire fraud before, during or after a noisy and distracting DDoS campaign.

Multipurpose Trojans counted as the most frequently encounteredweb-delivered malware, at 27 percent of total encounters in 2013. Malicious scripts, such as exploits and iframes, formed the second most frequently encountered category at 23 percent. Data theft Trojans such as password stealers and backdoors made up 22 percent of total web malware encounters. The steady decline in unique malware hosts and IP addresses—down 30 percent between Jan. 2013 and Sept. 2013—suggests that malware is being concentrated in fewer hosts and fewer IP addresses.

Java continues to be the most frequently exploitedprogramming language targeted by online criminals.Data from Sourcefire, now a part of Cisco, shows that Java exploits make up the vast majority (91 percent) of Indicators of Compromise (IOCs).

Ninety-nine percent of all mobile malwaretargeted Android devices. At 43.8 percent, Andr/Qdplugin-A was the most frequently encountered mobile malware, typically via repackaged copies of legitimate apps distributed via non-official marketplaces.

I want to hear from you. Tell me how we can improve.

BNP Media Owner & Co-CEO, Tagg Henderson

You must login or register in order to post a comment.

This presentation will show you the benefits of using high resolution cameras to monitor large venues. This will enable cost savings from reduced camera count. Various intelligent features and functions will be discussed that allow for ease of monitoring and searching videos as well as bandwidth reduction.

Chad Schermerhorn, Security Expert at Brivo, will discuss how your physical security stack should be an operational asset. It should be based on the strongest, and most-up-to-date smart security that can protect you today and adapt for unexpected threats that may come.

Security Magazine

2020 June

This month in Security magazine, we highlight COVID-19 and infosec's response. How has the sudden shift to remote work changed the roles of CISOs and security teams? Also this month, we profile Justin Dolly, CSO at Sauce Labs, his view on infosec and building security teams. In addition, security experts discuss continuous monitoring, radicalism, quantum technology, endpoint security and more.

View More Create Account

Cisco Security Report Shows Unprecedented Growth of Advanced Attacks and Malicious Traffic

Related Articles

Report Abusive Comment