Firms must cut cyberattacks detection time: Cisco
DUBAI, August 10, 2015
Cyber-criminals have stepped up attacks on systems as they continue to find new ways to infiltrate networks and evade security measures, according to the Cisco 2015 Midyear Security Report released today.
The report reveals the critical need for organizations to reduce time to detection (TTD) in order to remediate such sophisticated attacks.
It urged businesses to invest in effective, sustainable and trusted security solutions and professional services.
The report broadly covers two topics: Threat Intelligence, and Analysis and Observation.
Below are highlights from the 2015 Midyear Report:
• Adobe Flash still remains vulnerable to exploits which are integrated into exploit kits such as Angler and Nuclear. The Angler kit remains the market leader in terms of sophistication and effectiveness and represents the types of threats that will challenge organizations as the digital economy and the Internet of Everything (IoE) create new attack points and monetization opportunities for adversaries.
• Operators of crimeware, such as ransomware, are hiring and funding professional development teams to help them make sure their tactics remain profitable.
• Command-and-control communications are being routed through anonymous web networks such as Tor and Invisible Internet Protocol (I2P) to avoid detection.
• Microsoft macros are once again being used to deliver malware.
• Text from Jane Austen’s Sense and Sensibility is being incorporated into the landing pages that host exploit kits in order to look legitimate and evade detection.
• Techniques such as sandbox detection are increasingly being used to avoid detection on networks.
• Spam volume has increased in the US, China and Russia while remaining stable in other regions.
• More attention is being paid to mitigating vulnerabilities in open-source applications.
• Exploits involving Java have been on the decline.
The Security Report also gives some recommendations to vendors and businesses to mitigate these threats:
• Organizations are asked to implement an integrated threat defence architecture that embeds security everywhere, rather than point product solutions, which leave other areas vulnerable.
• A collaborative, multi-stakeholder cyber governance framework is required to sustain business innovation and economic growth on a global stage.
• Vendors should be transparent about and be able to demonstrate the security they build into their products in order to be considered trustworthy.
Rabih Dabboussi, GM, Cisco UAE said, regarding the threat report: “Cisco is leading the industry when it comes to providing resilient products and services and integrating capabilities for detecting, preventing, and recovering from attacks.
“Cisco is committed to providing both industry-defined security capabilities as well as trustworthy solutions across all product lines,” he said. -TradeArabia News Service