You are viewing 1 of 1 articles without an email address.

All our articles are free to read, but complete your details for free access to full site!

Already a Member?
Login Join us now

Cisco warns of “rapid evolution” of cyber threats

Key industries are bringing more operations online, increasing attack surfaces and the potential scale and impact of these threats

The IoT continues to offer new opportunities for cyber criminals
The IoT continues to offer new opportunities for cyber criminals

Two fifths of public sector organisations report that of the thousands of cyber-security alerts they witness daily, fewer than two-thirds are investigated, a new study finds.


Cisco’s 2017 Midyear Cybersecurity Report (MCR) also revealed that more than one quarter (27 per cent) of public sector organisations lack the trained personnel to adopt appropriate security processes.


The report warns of a “rapid evolution” of threats in cyberspace as well as an increasing magnitude of attacks, and has coined a new term for cyber-criminals’ next goal: destruction of service (DeOS) attacks.


Epitomised by the recent WannaCry and Nyetya ransomware attacks, these could eliminate organisations’ backups and safety nets, required to restore systems and data after an attack. Also, with the advent of the Internet of Things (IoT), key industries are bringing more operations online, increasing attack surfaces and the potential scale and impact of these threats.


The Internet of Things (IoT) continues to offer new opportunities for cyber-criminals, and its security weaknesses, ripe for exploitation, will play a central role in enabling these campaigns with escalating impact. Recent IoT botnet activity already suggests that some attackers may be laying the foundation for a wide-reaching, high-impact cyber-threat event that could potentially disrupt the Internet itself, said Cisco.


“While the majority of organisations took steps to improve security following a breach, businesses across industries are in a constant race against the attackers,” Steve Martino, vice president and chief information security officer, Cisco.


“Security effectiveness starts with closing the obvious gaps and making security a business priority.”


Cisco security researchers watched the evolution of malware during the first half of 2017 and identified shifts in how adversaries are tailoring their delivery, obfuscation and evasion techniques.


Specifically, Cisco saw they increasingly require victims to activate threats by clicking on links or opening files. They are developing fileless malware that lives in memory and is harder to detect or investigate as it is wiped out when a device restarts. Finally, adversaries are relying on anonymised and decentralised infrastructure, such as a Tor proxy service, to obscure command and control activities.


According to Cisco while there has been a “striking decline” in exploit kits, other traditional attacks are seeing a resurgence:

  • Spam volumes are significantly increasing, as adversaries turn to other tried-and-true methods, like email, to distribute malware and generate revenue. Cisco threat researchers anticipate that the volume of spam with malicious attachments will continue to rise while the exploit kit landscape remains in flux.
  • Spyware and adware, often dismissed by security professionals as more nuisance than harm, are forms of malware that persist and bring risks to the enterprise. Cisco research sampled 300 companies over a four-month period and found that three prevalent spyware families infected 20 percent of the sample. In a corporate environment, spyware can steal user and company information, weaken the security posture of devices and increase malware infections.

“Complexity continues to hinder many organisations’ security efforts. It’s obvious that the years of investing in point products that can’t integrate is creating huge opportunities for attackers who can easily identify overlooked vulnerabilities or gaps in security efforts, added David Ulevitch, senior vice president and general manager, security business group, Cisco.


“To effectively reduce time to detection and limit the impact of an attack, the industry must move to a more integrated, architectural approach that increases visibility and manageability, empowering security teams to close gaps.”


To combat today’s increasingly sophisticated attackers, organisations must take a proactive stance in their protection efforts. Cisco Security advises:


Keeping infrastructure and applications up to date, so that attackers can’t exploit publicly known weaknesses;


Battle complexity through an integrated defense. Limit siloed investments;


Engage executive leadership early to ensure complete understanding of risks, rewards and budgetary constraints;


Establish clear metrics. Use them to validate and improve security practices;


Examine employee security training with role-based training versus one-size-fits-all;


Balance defense with an active response. Don’t “set and forget” security controls or processes.


If you like this, you might be interested in reading the following:



Atos and Siemens team up to boost industrial cyber defences

The aim is to provide customers in the manufacturing and processing industries with comprehensive security services and products



Action needed to reduce the risk of botnets

It urges IoT device manufacturers to ‘take responsibility’ by implementing security-by-design



Opportunities and threats

The boss of one of the UK’s leading data security firms welcomes faster connectivity but warns that it can also mean the ‘surface area’ for attacks is greater

Add New Comment
You must be a member if you wish to add a comment - why not join for free - it takes just 60 seconds!