The Cisco 2015 Annual Security Report said attackers have become more proficient at taking advantage of gaps in security to evade detection and conceal malicious activity.
Defenders, namely security teams, must improve their approach to protecting their organizations from these increasingly sophisticated cyber attack campaigns. Local laws on data sovereignty, data localization and encryption are complicating the matter.
John N. Stewart, senior vice president, chief security and trust officer, Cisco, said: “Security must provide protection across the full attack continuum and technology must be bought that is designed and built with that in mind.”
Cyber criminals are expanding their tactics and adapting their techniques to carry out cyber attack campaigns in ways that make them harder to detect and analyze.
Top three trends last year
Snowshoe Spam
Snowshoe spam is emerging as a preferred strike method: attackers send low volumes of spam from a large set of IP addresses to avoid detection, creating an opportunity to leverage compromised accounts in multiple ways.
Web Exploits Hiding in Plain Sight
Widely used exploit kits are being dismantled by security companies in short order. Online criminals are using other, less common kits to carry out their tactics, a business model that is sustainable because it does not attract too much attention.
Malicious Combinations
Flash and JavaScript have each been insecure on their own, but with advances in security detection and defenses, attackers have adapted by deploying exploits that combine their respective weaknesses. Splitting an exploit across two different files (one Flash and one JavaScript) can make it more difficult for security devices to identify and block the exploit and for analysts to examine it with reverse engineering tools.
Throughout 2014, Cisco threat intelligence research revealed that attackers have shifted their focus from seeking to compromise servers and operating systems to seeking to exploit users at the browser and email level. Users downloading from compromised sites contributed to a 228 percent increase in Silverlight attacks along with a 250 percent increase in spam and malvertising exploits.
Another Cisco study indicates 75 percent of CISOs see their security tools as very or extremely effective. However, less than 50 percent of respondents use standard tools such as patching and configuration to help prevent security breaches and ensure that they are running the latest versions.
Heartbleed was the landmark vulnerability last year, yet 56 percent of all installed OpenSSL versions are over four years old. That is a strong indicator that security teams are not patching, said Cisco.