HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 5 MINUTES AGO.
You are here: Home / World Wide Web / Weak Links in Enterprise Security
Cisco: Weak Links Exist in Enterprise Security
Cisco: Weak Links Exist in Enterprise Security
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
AUGUST
05
2014
(Page 2 of 2)

The third insight is around encrypting stolen data. Cisco reported that nearly 44 percent of the customer networks it observed in 2014 are issuing DNS requests for sites and domains with devices that offer encrypted channel services. Malicious actors use these services to cover their tracks by exfiltrating data using encrypted channels to avoid detection like VPN, SSH, SFTP, FTP, and FTPS.

Good News, Bad News

The good news is the number of exploit kits has dropped by 87 percent since the alleged creator of the widely popular Blackhole exploit kit was arrested last year, according to Cisco security researchers. But the not-so-good news is that java is still the programming language most malicious actors exploit. Cisco researchers report Java exploits rose to 93 percent of all indicators of compromise as of May 2014.

Finally, for the first six months of 2014, the pharmaceutical and chemical industry placed in the top three high-risk verticals for Web malware encounters. Media and publishing led the industry verticals posting nearly four times the median Web malware encounters. Aviation fell into third place with over twice the median Web malware encounters globally.

We turned to Chester Wisniewski, a Senior Security Advisor at security firm Sophos, to get his thoughts on the Cisco report. He told us the findings reflect what the industry has been seeing for a long time. That is, attackers are persistent, unrelenting and choose the easiest methods possible to bypass corporate defenses, primarily attacking where you aren't looking.

"The report is very biased toward only the largest of organizations though," Wisniewski said. "Small and mid-sized businesses, the vast majority, should not take comfort that this is a Fortune 50 problem. These same methods are being used against everyone from Mom and Pop pizza joints to multinational defense contractors. Everyone has something worth stealing."

< Previous Page  1  2

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Neustar, Inc. (NYSE: NSR) is a trusted, neutral provider of real-time information and analysis to the Internet, telecommunications, information services, financial services, retail, media and advertising sectors. Neustar applies its advanced, secure technologies in location, identification, and evaluation to help its customers promote and protect their businesses. More information is available at www.neustar.biz.
MORE IN WORLD WIDE WEB
Product Information and Resources for Technology You Can Use To Boost Your Business

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.