Cisco paints a bleak picture of the current cyber security landscape
Cisco has warned that the scale and impact of cyber threats are continuing to grow, driven by the evolution of the Internet of Things (IoT) which is increasing attack surfaces for cyber criminals to exploit.
The company’s 2017 Midyear Cybersecurity Report (MCR) also highlights the dangers of Destruction of Service (DeOS) attacks, epitomised by the likes of WannaCry and NotPetya which were both much more destructive than traditional ransomware.
These types of attacks, Cisco says, have the strength to eliminate organisations’ data backups and leave them unable to recover.
In terms of the current threat landscape, favoured methods of malware delivery are continuing to shift, with cyber criminals now favouring the technique of requiring victims to activate threats by clicking on links or files.
Fileless malware is also being developed that is harder to detect as it lives in memory and is never actually stored on the device, a trend that Carbon Black warned Silicon about earlier this year.
Furthermore, traditional attacks are seeing a resurgence. For example, spam volumes are increasing as hackers turn to tried and tested methods like email to distribute malware at scale.
And, as previously mentioned, the evolution of ransomware is showing no signs of slowing. Ranswomare-as-a-service models are making it easier than ever for cyber criminals to carry out such attacks and have promoted the threat to front page news.
But, despite ransomware receiving most of the attention, Cisco warns that businesses can not afford to ignore the under-reported threat of spear phishing attacks, also known as Business Email Compromise (BEC).
These highly lucrative social engineering-based attacks are designed to trick employees into handing out confidential information or transferring money to attackers, with the mistake often not realised until several days later. Stats from the Internet Crime Complaint Center suggest that $5.3 billion (£4bn) was stolen via BEC between October 2013 and December 2016.
“As recent incidents like WannaCry and Nyetya illustrate, our adversaries are becoming more and more creative in how they architect their attacks,” said Steve Martino, vice president and chief information security officer at Cisco.
“While the majority of organisations took steps to improve security following a breach, businesses across industries are in a constant race against the attackers. Security effectiveness starts with closing the obvious gaps and making security a business priority.”
Cisco also offers insight into the challenges facing specific industries. In retail, 32 percent of businesses said they had lost revenue due to attacks in the past year, without around a quarter losing customers or business opportunities.
In utilities, security professionals identified targeted attacks (42 percent) and advanced persistent threats (40 percent) as being the most critical threats, while 37 percent of healthcare organisations said that targeted attacks are high-security risks.
But, Cisco also notes that this is clearly a cross-industry issue that security teams are struggling to find answers for.
Businesses are increasingly overwhelmed by the sheer volume of attacks, resulting in them being reactive rather than proactive, illustrated by the fact that just two-thirds of organisations are currently investigating security alerts.
The picture may seem rather bleak, but there are steps that businesses can take to mitigate attacks. By patching regularly, creating a culture of security and defending proactively, organisations can give themselves a fighting chance against today’s generation of cyber criminals.