Cisco Warns that Businesses Fail to Keep Pace with Cybercriminals

Cisco's Midyear Security Report for 2015 which was launched recently highlights that cyber crooks continue to be ahead of several businesses.

Rombertik, Angler, Dridex and Adware MultiPlug were the four prominent examples of cyber attackers employing progressive advanced malware to aim their victims.

The Angler EK (exploit kit) has swiftness which is one of its core strengths and it has successfully employed flaws in Java, Flash, Silverlight and Internet Explorer to hijack online users. It constantly throws out "hooks" to increase its efficiency and it can generate bogus landing pages resembling normal websites. Rate of success reveals that 40% of individuals encountering an Angler landing page get compromised.

In several cases, attackers get advantage from the time gap between discovering vulnerability and issuing a patch. Latest instance is the critical Adobe Flash upgrade which was issued early this July after security experts of Hacking Team discovered the issue.

Cisco report explains that in a world where it is guaranteed and assumed that users and their systems would be compromised, necessary focus for businesses and security teams should be obviously to detect evasive threats.

Interestingly, the report said that ransomware is another cause of concern.

Cisco said: "Ransomware encrypts files of users targeting everything from fiscal files to family pictures and demands ransom amount from users to provide keys for decryption. The ransom demand is not excessive because only $300 to $500 is asked. The idea of asking not so high ransom is that people might pay easily and it might not compel them to call law enforcement agency."

One major area of apprehension in the report is the average time consumed for detection which ranges from 100 to 200 days which is very slow as compared to speed with which cyber threats can now expand.

The report reveals that till now, 2015 has seen exceptional speed in innovation, resiliency and evasiveness of attacks. Betanews.com published news on 28th July, 2015 quoting Craig Williams, Security Outreach Manager of Cisco, as saying "Attackers have no barriers to roll out new technology and users are not active in moving to new versions to stop attacks".

» SPAMfighter News - 8/7/2015