By John Stewart
The Cisco 2014 Midyear Security Report has been released, diving into threat intelligence and cybersecurity trends for the first half of 2014.
You may be thinking, “What could have possibly changed since January?” True to form, the attacker community continues to evolve, innovate, and think up new ways to discover and exploit weak links in the security chain. Also true to form, they sometimes simply use tried and true methods to exploit some of the same old vulnerabilities that continue to present themselves. The 2014 Midyear Security Report hits on all aspects and once again illustrates that in the age of the Internet of Things, as the attack surface grows, so too grow the number of attacks, the types of attacks, and the impacts of these attacks.
The 2014 Midyear Security Report follows the annual report that we published in January and is based on the hard data collected through Cisco’s security products and analyzed by our researchers. It pulls no punches, provides an honest assessment of what is happening out there, and offers suggestions about what we can do about it.
Here are a few highlights that should pique your interest:
- As part of Cisco’s ongoing “Inside Out” project examining Domain Name System (DNS) queries originating from inside the corporate networks of select Cisco customers, researchers found:
  - Nearly 94 percent of customer networks observed in 2014 have been identified as having traffic going to websites that host malware.
  - Nearly 70 percent of networks were identified as issuing DNS queries for Dynamic DNS domains.
  - Nearly 44 percent of customer networks observed in 2014 have been identified as issuing DNS requests for sites and domains with devices that provide encrypted channel services such as VPN, SSH, SFTP, FTP, and FTPS, which malicious actors use to cover their tracks by exfiltrating data over encrypted channels to avoid detection.
In short, we found no shortage of attackers discovering and exploiting weak links. For every weak link, however, there is a solution, and in this report we also take a look forward and offer insights on how to make a difference. Among these insights:
- Security risks the Internet of Things is likely to create and why organizations should take a proactive approach to address them
- The value of using predictive analytics and machine learning to help identify hard-to-detect threats on the network
- A trend among organizations toward viewing cybersecurity as both a strategic risk and a business process
- The need for visibility-driven, threat-focused, and platform-based security solutions that cover the entire attack continuum—before, during, and after an attack—to help close security gaps and reduce complexity caused by disparate products
For a deeper dive on the weak links, broader views on impacts, and additional thoughts about how to continue to strengthen the security chain, please check out the report and let us know what you think.