Cisco recently released its 2017 Midyear Cybersecurity Report, designed to keep security teams and the businesses they support apprised of cyber threats and vulnerabilities—and informed about steps they can take to improve security and cyber-resiliency.
Here are the top eight key findings:
- Business email compromise (BEC) has become a highly lucrative threat vector for attackers. According to the Internet Crime Complaint Centre, almost A$7 billion was stolen due to BEC fraud between October 2013 and December 2016. In comparison, ransomware exploits took in A$1.25 billion in 2016.
According to Anthony Stitt, General Manager of Security, Cisco Australia and New Zealand, “BEC is now likely a much bigger financial problem than ransomware globally. BEC is where criminals try to dupe staff through ‘imposter’ emails to implement money transfers. For example, a CFO emailing a financial controller requesting urgent payment of an invoice. Unlike other forms of email threats, BEC doesn’t involve technical exploitation via malware attachments or links to malicious websites, which one might normally associate or expect with phishing. Anecdotally, we’ve seen every size organisation in Australia being targeted with this, and the sums are as surprising as the near misses. At Cisco, we’ve spoken to organisations that have been the target of such attacks or traps, with large sums involved – 4, 5, 6, 7, 8 figures – although most requests commonly fall in the $25K - $50K range.”
- Spyware that masquerades as potentially unwanted applications (PUAs) is a form of malware—and a risk that many organisations underestimate or dismiss completely. However, spyware can steal user and company information, weaken the security posture of devices, and increase malware infections.
- The Internet of Things (IoT) holds great promise for business collaboration and innovation. But as it grows, so too does security risk. Lack of visibility is one problem: Defenders are simply not aware of what IoT devices are connected to their network. They need to move quickly to address this and other hurdles to IoT security. Threat actors are already exploiting security weaknesses in IoT devices. The devices serve as strongholds for adversaries, and allow them to move laterally across networks quietly and with relative ease.
- Supply chain attacks offer adversaries a way to spread malware to many organisations through a single compromised site.
- The dramatic increase in cyber-attack frequency, complexity, and size over the past year suggests that the economics of hacking have turned a corner. The modern hacking community is benefiting from quick and easy access to a range of useful and low-cost resources.
- When it comes to enterprise security, cloud is the ignored dimension: Open authorisation (OAuth) risk and poor management of single privileged user accounts create security gaps that adversaries can easily exploit. Malicious hackers have already moved to the cloud and are working relentlessly to breach corporate cloud environments.
“The report overall focuses on the increasing number of software vulnerabilities, especially server-side software. Whereas client-side vulnerabilities are more likely to be patched via auto-updates, server-side software is predominantly manually patched and, as shown in the report, these vulnerabilities can exist for months or even years. This is true irrespective of whether the software is hosted on premise or in the cloud,” says Anthony.
- In the exploit kit landscape, activity has declined dramatically and innovation has stagnated. This situation is likely temporary, given previous patterns in this market. But other factors, such as the greater difficulty of exploiting vulnerabilities in files built with Adobe Flash technology, may be slowing the resurgence.
- DevOps services that have been deployed improperly or left open intentionally for convenient access by legitimate users pose a significant risk to organisations.
Download the full report here.