Express Computer
Home  »  News  »  “Weak links primary contributors for threat landscape of enterprises”: Cisco report

“Weak links primary contributors for threat landscape of enterprises”: Cisco report

0 416

Weak links in organisations are the primary contributors to the increasingly dynamic threat landscape, stated a Cisco Midyear Security report released today. These weak links, which could be outdated software, bad code, abandoned digital properties, or user errors, contribute to the adversary’s ability to exploit vulnerabilities with methods such as DNS queries, exploit kits, amplification attacks, point-of-sale (POS) system compromise, malvertising, ransomware, infiltration of encryption protocols, social engineering and “life event” spam.

The report also shows that focus on only high-profile vulnerabilities rather than on high-impact, common and stealthy threats puts these organisations at greater risk. By proliferating attacks against low-profile legacy applications and infrastructure with known weaknesses, malicious actors are able to escape detection as security teams focus instead on boldface vulnerabilities, such as Heartbleed.

Researchers closely examined 16 large multinational organisations, who, as of 2013, collectively controlled over $4 trillion in assets with revenues in excess of $300 billion. This analysis yielded three compelling security insights tying enterprises to malicious traffic, “Nearly 94% of customer networks observed in 2014 have been identified as having traffic going to websites that host malware. Specifically, issuing DNS requests for hostnames where the IP address to which the hostname resolves is reported to be associated with the distribution of Palevo, SpyEye, and Zeus malware families that incorporate man-in-the-browser (MiTB) functionality.”

Secondly, about 70% of networks were identified as issuing DNS queries for Dynamic DNS Domains. This shows evidence of networks misused or compromised with botnets using DDNS to alter their IP address to avoid detection/blacklist. Few legitimate outbound connection attempts from enterprises would seek dynamic DNS domains apart from outbound C&C callbacks looking to disguise the location of their botnet.

Lastly, about 44% of customer networks observed in 2014 have been identified as issuing DNS requests for sites and domains with devices that provide encrypted channel services, used by malicious actors to cover their tracks by exfiltrating data using encrypted channels to avoid detection like VPN, SSH, SFTP, FTP, and FTPS.

According to Cisco, the number of exploit kits has dropped by 87% since the alleged creator of the widely popular Blackhole exploit kit was arrested last year.

Java continues its dubious distinction as the programming language most exploited by malicious actors. Cisco security researchers found that Java exploits rose to 93% of all indicators of compromise (IOCs) as of May 2014, following a high point of 91% of IOCs in November 2013 as reported in the Cisco 2014 Annual Security Report.

The report further explained that for the first half of 2014, the pharmaceutical and chemical industry, a high-profit vertical, has once again been placed in the top three high-risk verticals for web malware encounters. Media and publishing led the industry verticals posting nearly four times the median web malware encounters, and aviation slid into third place with over twice the median web malware encounters globally. The top most affected verticals by region were media and publishing in the Americas; food and beverage in EMEAR (Africa, Europe and the Middle East) and insurance in APJC (Asia-Pacific, China, Japan and India).

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image