Skip to content ↓ | Skip to navigation ↓

Cisco’s 2014 Annual Security Report offers a dim forecast in the wake of high profile breaches like Target, predicting an “unprecedented growth” in more sophisticated attacks that are difficult to detect and deter, ultimately undermining trust in systems, applications, and organizations.

“Using methods ranging from the socially engineered theft of passwords and credentials to stealthy, hide-in-plain-sight infiltrations that execute in minutes, malicious actors continue to exploit public trust to effect harmful consequences. However, the trust problem goes beyond criminals exploiting vulnerabilities or preying on users through social engineering: it undermines confidence in both public and private organizations,” the report states.

“Networks are facing two forms of trust erosion. One is a decline in customer confidence in the integrity of products. The other is mounting evidence that malicious actors are defeating trust mechanisms, thus calling into question the effectiveness of network and application assurance, authentication, and authorization architectures.”

Key analysis in the report includes:

Attacks against infrastructure are targeting significant resources across the Internet

  • Malicious exploits are gaining access to web hosting servers, name servers, and data centers. This suggests the forming of überbots that seek high-reputation and resource-rich assets
  • Buffer errors are a leading threat, at 21% of the Common Weakness Enumeration (CWE) threat categories
  • Malware encounters are shifting toward electronics manufacturing and the agriculture and mining industries at about 6x the average encounter rate across industry verticals

Malicious actors are using trusted applications to exploit gaps in perimeter security

  • Spam continues its downward trend, although the proportion of maliciously intended spam remains constant
  • Java comprises 91% of web exploits; 76% of companies using Cisco Web Security services are running Java 6, an end-of-life, unsupported version
  • “Watering hole” attacks are targeting specific industry-related websites to deliver malware

Investigations of multinational companies show evidence of internal compromise. Suspicious traffic is emanating from their networks and attempting to connect to questionable sites (100% of companies are calling malicious malware hosts)

  • Indicators of compromise suggest network penetrations may be undetected over long periods
  • Threat alerts grew 14% year over year; new alerts (not updated alerts) are on the rise
  • 99% of all mobile malware in 2013 targeted Android devices. Android users also have the highest encounter rate (71%) with all forms of web-delivered malware

Read More Here (PDF)…