Like every year, Cisco has released the Annual Security Report that is one of the preeminent security reports that examines the latest threat intelligence, providing industry insights, trends and key findings revealing cybersecurity trends.
During this year, attackers have become more proficient at taking advantage of gaps in security to evade detection and conceal malicious activity. Security teams, must be constantly improving their approach to protect their organization from these increasingly sophisticated cyber attack campaigns. These issues are further complicated by the geopolitical motivations of the attackers and conflicting requirements imposed by local laws with respect to data sovereignty, data localization and encryption.
On the security side, organizations appear to have upped their game by adopting more sophisticated tools for preventing attacks and reducing their impact.
But at the same time, cyber criminals are expanding their tactics and adapting their techniques to carry out cyber attack campaigns in ways that make it harder to detect and analyze. The top three trends last year that Cisco’s threat intelligence has identified are:
- Web Exploits Hiding in Plain Sight: Online criminals are using other less common kits to successfully carry out their tactics.
- Snowshoe Spam: Attackers are sending low volumes of spam from a large set of IP addresses to avoid detection, creating an opportunity to leverage compromised accounts in multiple ways.
- Malicious Combinations: Flash and JavaScript have historically been insecure on their own, but with advances in security detection and defenses, attackers have adapted by deploying exploits which combine their respective weaknesses.
For a complete copy of the security research report to www.cisco.com/go/asr2015
References:
