Earlier this month Cisco released their 2017 Mid-year Cybersecurity Report. Cisco has been publishing this comprehensive cybersecurity report for nearly a decade with the goal to keep security teams updated on the latest cybersecurity threats and steps they can take to improve security and cyber-resiliency. The latest report highlights the “rapid evolution of threats and the magnitude of the attacks” seen throughout the first half of this year.
Revenue generation is still the primary driving factor of cybercriminals. It is no secret that ransomware is major player in cybersecurity this year, and has become big business for cybercriminals. Ransomware is the most profitable malware in history, profiting cyber criminals over $1 billion in 2016! However, ransomware is not the only cyber threat worrying experts this year. Attackers are now aiming to not only attack, but to destroy organizations’ “safety nets” and prevent them from restoring systems and data. Cisco has coined a name for this new attack inclination – destruction of service (DeOS).
Many of the security trends highlighted in this mid-year report tie into DeOS. Distributed Denial of Service (DDoS) and ransomware attacks are disrupting organization’s networks, and damaging their ability to recover from an attack. The report also highlights the impact these attacks will have on the emerging Internet of Things (IoT) devices and systems, which were not designed to protect themselves against cyberattacks.
In the first half of 2017 experts have reported a trend in malware development – authors are focusing more on delivery, obfuscation and evasion. Malware adversaries are using sandbox environments for malware distribution. This prevents detection of maliciousness allowing these malicious emails to bypass automated malware detection systems. Ransomware-as-a-service platforms are also quickly growing.
Organizations time to detection has been trending downward through the first half of the year. This shows that defenders are able to identify known threats quickly, which is putting more pressure on attackers to find new tactics to avoid detection. Time to detection has been trending downward, but lack of visibility is still a challenge for many organizations, especially those organizations who have embraced the IoT. The IoT presents great opportunity for innovation and enhanced collaboration, however most defenders do not have visibility to what IoT devices are connected to the organizations network. In an IoT world, a layered defense strategy with a proactive and dynamic security approach are the key to protecting your network from cyberattacks, or at the very least mitigating the impact should your environment be compromised. This strategy and other security strategies, segmented by eight key verticals, are discussed in more depth in the full Cisco 2017 Midyear Cybersecurity Report.
The mid-year report also outlines:
- the decrease in time to detection
- decline in exploit kit activity and implications on global spam trends
- Talos threat intelligence
- time to detection trends and implications
- domain generation algorithms life spans and overlap
- adversary tactics
- key security concerns of eight industry verticals
Read the Cisco 2017 Midyear Cyber Security Report Executive Summary here.
Register for the free webinar 9/14 addressing the findings from the Cisco 2017 Midyear Cybersecurity Report here.
Written By: Eden Penman, LookingPoint Marketing Manager