Cyber Threats at Highest Level Ever

Friday, January 17, 2014 @ 10:01 AM gHale

Overall vulnerabilities and threats reached their highest levels since tracking began in 2000, a new report said.

On top of that, there are web hosting centers around the world suffering compromises that lead to major attacks against business and government, the report continued. This type of threat really gained full steam last year, Cisco said in its annual security report.


“They’re installing malware to maintain control over resources,” said Levi Gundert, Cisco technical lead for threat research, analysis and communications, about the rise of criminally manipulated web hosting centers. Attackers take over these hosting centers to make use of servers and bandwidth to launch distributed denial-of-service (DDoS) attacks.

Working in stealth mode, these attackers hide, but take control over resources they want at their disposal, Gundert said. Cisco said there are “many thousands” of these compromised web hosting centers around the world whose resources now lie under the attackers’ control.

“To truly protect against all of these possible attacks, defenders must understand the attackers, their motivations and their methods — before, during and after an attack,” said John N. Stewart, senior vice president, chief security officer, Threat Response Intelligence and Development at Cisco.

Cisco’s annual threat report about trends in 2013 also asserted that there is a severe shortage of security professionals worldwide trained to detect and remediate problems in network infrastructure. Cisco estimates the shortage for this year will reach 1 million security professionals — a trend that may prompt more businesses to turn to outsourced services.

The report also found:
• There was a continued hike in the sophistication and proliferation of the threat landscape.
• Simple attacks that caused containable damage have given way to organized cybercrime operations that are sophisticated, well-funded, and capable of significant economic and reputational damage to public and private sector victims.
• The increased complexity of threats and solutions, due to rapid growth in intelligent mobile device adoption and cloud computing, provides a greater attack surface than ever before. New classes of devices and new infrastructure architectures offer attackers opportunities to exploit unanticipated weaknesses and inadequately defended assets.
• Cybercriminals have learned that harnessing the power of Internet infrastructure yields far more benefits than simply gaining access to individual computers or devices. These infrastructure-scale attacks seek to gain access to strategically positioned web hosting servers, nameservers and data centers — with the goal of proliferating attacks across legions of individual assets served by these resources. By targeting Internet infrastructure, attackers undermine trust in everything connected to or enabled by it.

Other key findings include:
1. Overall vulnerabilities and threats reached the highest level since initial tracking began in May 2000. As of Oct. 2013, cumulative annual alert totals increased 14 percent year-over-year from 2012.
2. A shortage of more than a million security professionals across the globe in 2014. The sophistication of the technology and tactics used by online criminals — and their nonstop attempts to breach networks and steal data — have outpaced the ability of IT and security professionals to address these threats. Most organizations do not have the people or the systems to continuously monitor extended networks and detect infiltrations, and then apply protections, in a timely and effective manner.
3. One hundred percent of a sample of 30 of the world’s largest multinational company networks generated visitor traffic to Web sites that host malware. Ninety-six percent of networks reviewed communicated traffic to hijacked servers. Similarly, 92 percent transmitted traffic to Web pages without content, which typically host malicious activity.
4. Distributed Denial of Service (DDoS) attacks have increased in volume and severity. Some DDoS attacks seek to conceal other nefarious activity, such as wire fraud, before, during or after a noisy and distracting DDoS campaign.
5. Multipurpose Trojans counted as the most frequently encountered web-delivered malware, at 27 percent of total encounters in 2013. Malicious scripts, such as exploits and iframes, formed the second most frequently encountered category at 23 percent. Data theft Trojans such as password stealers and backdoors made up 22 percent of total web malware encounters. The steady decline in unique malware hosts and IP addresses — down 30 percent between Jan. 2013 and Sept. 2013 — suggests that malware is being concentrated in fewer hosts and fewer IP addresses.
6. Java continues to be the most frequently exploited programming language targeted by online criminals.
7. Ninety-nine percent of all mobile malware targeted Android devices.
8. Specific business sectors, such as the pharmaceutical and chemical industry and the electronics manufacturing industry, have historically had high malware encounter rates. Malware encounters also continued to rise in the energy, oil and gas sectors.
