Cisco: Misplaced Trust the Biggest Threat to Enterprise Security

The current forecast for cyber security in 2014 is “grim” and has the potential to get even worse, according to new research from Cisco. The report concludes that if technologies like cloud computing and the growth in the use of mobile technologies are creating a wider landscape for hackers to work on, then trust is the open door letting hackers into systems.  

Doing it to Themselves

The report, which was only released this morning, demonstrates how hackers and their malware exploit and attack enterprise systems. But it also notes that users themselves are making the job of hackers a whole lot easier.

But let’s have a deeper look at the issue of trust. According to the Cisco 2014 Annual Security Report, one of the biggest threats to enterprises is the trust users place in their IT systems, applications and personal networks.

Instead of having healthy caution about offering access to networks and infrastructure, users are placing too much trust in the systems designed to protect them. This is opening the door to cybercriminals, whose increasingly sophisticated attacks are damaging both enterprise systems and reputations.

The report also points out that this is aggravated by the emergence of new forms of embedded malware, which can remain undetected for long periods while it steals information and disrupts critical systems.

The final ingredient in this unhealthy mix is a worldwide shortage of nearly one million skilled security professionals, which is affecting the ability of organizations to protect themselves against current and emerging threats — creating a toxic recipe for IT mayhem over 2014.


Malware Threats

Threats include the socially engineered theft of passwords and credentials, hide-in-plain-sight infiltrations and the ongoing exploitation of trust that can compromise economic transactions, public services and social interactions online.

The result is that the overall vulnerability level is at the highest it has been since 2000. Every day:

  • 4.5 billion emails are blocked
  • 80 million web requests are blocked
  • 6450 endpoint file detections occur in FireAMP
  • 3186 endpoint file detections occur in FireAMP
  • 50,000 network intrusions are detected

It's a vicious cycle. People are too trusting, allowing threats into the enterprise. But that exploitation of their trust causes erosion of the remaining trust. The key, the report suggests, is better awareness and defense against attacks. Enterprise IT departments must understand the attackers, their motivations and their methods – before, during and after an attack, noted John Stewart, chief security officer at Threat Response Intelligence and Development in Cisco.

Specific Threats

The 81-page report covers the full threat landscape, including threats to infrastructure, security issues around cloud computing, the vulnerabilities created by mobile devices and of course misplaced trust. Among the highlights:

  • Java is the most frequently exploited programming language targeted by online criminals
  • Android devices are the target of 99 percent of all attacks, with malware called Andr/Qdplugin-A the most common offender; it enters systems as legitimate apps sold in unofficial marketplaces
  • In terms of verticals targeted, in 2012 and 2013, there was a notable growth in malware attacks in the agriculture and mining industry
  • Cyber criminals are increasingly targeting infrastructure "with the goal of proliferating attacks across legions of individual assets served by these resources."


One final figure here that is telling and worth keeping in mind is that 100 percent of a sample of 30 of the world’s largest multinational companies generated visitor traffic to web sites that were found to host malware. A further 96 percent of networks surveyed communicated traffic to hijacked servers.

If you think you’re safe from these attacks, keep in mind some of the attacks that occurred over 2013, the most notable of which are the Adobe attack, in which millions of passwords and identifiers were stolen, and the recent data breach at Target. Think about the damage such an attack could do to your company and then start revising your security policies.

Title image by empics (Shutterstock).