Posted On: November 10, 2016
Cisco’s 2016 Midyear Cybersecurity Report provides an unfiltered look into the current cybersecurity landscape. It’s not a rosy picture, as the report reveals the growing threat of cyberattacks, and most notably, ransomware. The report, though, isn’t all doom and gloom and reveals the latest measures organizations can implement to protect themselves.
The Cisco Report sums up its findings into four main points presented below:
Ransomware is the most profitable attack to date, with as many as 90,000 victims targeted every 24 hours. Ransomware's victims are quite diverse and include most major industries, such as academic institutions, healthcare, law enforcement and even the federal government.
Vulnerabilities in applications, like JBoss, are providing attackers new vectors to launch campaigns such as ransomware. Cisco has also observed increasing incidences of hackers using self-propagating malware that replicates itself within local, remote, network and USB drives.
To quickly resume business operations, victims may relent and pay the ransom, usually in the form of bitcoins that average between $300 per victim. Even when the ransom is paid, there is no guarantee that the data will be decrypted, or that decrypted data has not been compromised in some form.
Traditionally, hackers have favored client-side attacks that rely on unsuspecting victims performing a normally harmless action. This may include opening an email containing malware disguised as a PDF, starting up an instant messaging application or running an FTP client while connected to an FTP server.
Exploit kits are readily available, help spread malware and ransomware, and continue to exploit vulnerabilities in Adobe Flash. Exploit kit makers can simply reverse-engineer the latest patch updates to detect new vulnerabilities and evade security defenses.
Attackers are also increasingly resorting to server-side attacks that directly target web browsers, web servers and database servers by injecting scripts in HTML pages or manipulating SSI.
The gap between attack activity, time to detection and solution implementation is critical. In their report, Cisco researchers detail the growing use of HTTPS in malicious campaigns, as well as bad actors’ use of Transport Layer Security (TLS) to encrypt their communications. Thanks to the latest cybersecurity solutions, the timeframe between penetration and security implementation has shrunk even as the frequency of attacks has gone up. The latest patch is usually available the minute a new vulnerability is made public, but even so, many users don’t download the patch immediately, if at all. This lag time provides ample opportunity for hackers to continue to exploit public, well-known vulnerabilities.
Cybersecurity vendors are remedying this through features like auto-patch updates. Per one estimate by Cisco, roughly 75% to 80% of users have the latest patch or are only one patch behind the latest update.
Hackers routinely shift their tactics. This much is clear: no matter what your industry or geographical location, you are vulnerable. To combat the growing threats, the federal government has imposed stricter measures that, while well intended, have often led to privacy concerns and increased compliance requirements that are often contradictory to one another. Many IT experts argue that overregulation makes us less secure.
Ultimately, all organizations need to proactively adopt the best protections and not depend on a government agency or outside regulating body to tell them to do so.
Improving Your Organization's Security Outlook
While the outlook may seem dire, inroads are being made against cyberattacks. Organizations that limit an attacker's time to operate, by upgrading aging infrastructure and instituting new security and detection techniques, are stopping more attacks before they can penetrate.
Even with progress being made, it never hurts to have an experienced security professional guide you through the maze of security risks, and ensure you’re protected. OneNeck IT Solutions will work with you to build a stronger foundation for your infrastructure that will harden your security and increase your visibility to potential attacks.