Cisco 2014 Annual Security Report
1
WHERE THE VULNERABILITIES LIE 1 CYBERCRIMINALS HOW THEY WORK 2 Network End Points Mobile Devices Virtual Environments Cybercriminals are becoming more advanced, creative and strategic. POLICIES, PLATFORMS, CONTROLS 3 High infection strategies to take control of web servers, name servers and data centres Compromised Hosting Server Compromised Website Compromised Website Compromised Website Compromised Website JAVA is the #1 vulnerability to access a system, through the use of: Mobile malware Brute force logins Multi-purpose trojans iframes and exploits Ransomware Dowloader and dropper Worms and virus 3rd party vendors Distributed denial-of-service (DDos) attacks Bitsquatting 91% Survey Write Test Execute Accomplish the mission Obtain a full picture of an environment: network, endpoint, mobile, and virtual, including the technologies deployed to secure the environment. Create targeted, context-aware malware. Ensure the malware works as intended, specifically so it can evade security tools in place. Navigate through the extended network—being environmentally aware, evading detection, and moving laterally until reaching the target. Gather data, create disruption, or cause destruction. THIS IS ACCOMPLISHED THROUGH INNOVATORS RESELLERS USERS the people creating the software and techniques people setting up online stores to resell data, technologies and software becoming Crimeware as a Service It is a huge, profitable business with many cybercriminals adopting a professional business model. $ $ $ $ $ $ $ BEFORE To defend your network, organisations must be aware of what is on it: DURING Organisations must address a broad range of attack vectors with solutions that operate everwhere AFTER Many attacks wil be successful. You need a formal plan to bring operations back to normal as quickly as possible Devices Operating Systems Services Applications Users Additionally they must Implement acccess controls Enforce security policies Block access to critical access Network End Points Mobile Devices Virtual Environments Read the full Cisco 2014 Annual Security Report here i ANNUAL SECURITY REPORT CISCO 2014 @CiscoSecurity SECURITY alerts reached their peak in October 2013 since records began, with malicious traffic now being detected on 100% of business and corporate networks 100% Charting the new security frontier for 2014 Cybercriminals are launching new threats faster than security professionals can address them. Adam Philpott, Director EMEAR Cybersecurity at Cisco, offers insight into you how to stay one step ahead. Read More Malware matters – why ignorance is not bliss Read More Cisco Security: Stop the breach Watch Now
-
Upload
cisco -
Category
Technology
-
view
977 -
download
3
description
SECURITY alerts reached their peak in October 2013 since records began, with malicious tra
ffic now being detected on 100% of business and corporate networks. Read the full Cisco 2014 Annual Security Report here: http://cs.co/jlbSSs14.
Transcript of Cisco 2014 Annual Security Report
WHERE THE VULNERABILITIES LIE1
CYBERCRIMINALSHOW THEY WORK2
Network
End Points
Mobile Devices
VirtualEnvironments
Cybercriminals are becoming more advanced, creative and strategic.
POLICIES, PLATFORMS, CONTROLS3
High infection strategies to take control of web servers, name servers and data centres
Compromised Hosting Server
Compromised Website
Compromised Website
Compromised WebsiteCompromised
Website
JAVAis the #1 vulnerability to access a system,through the use of:
Mobile malware
Brute force logins
Multi-purpose trojans
iframes and exploits
Ransomware
Dowloader and dropper
Worms and virus
3rd party vendors
Distributed denial-of-service (DDos) attacks
Bitsquatting
91%
Survey
Write
Test
Execute
Accomplish the mission
Obtain a full picture of an environment: network, endpoint, mobile, and virtual, including the technologiesdeployed to secure the environment.
Create targeted, context-aware malware.
Ensure the malware works as intended, speci�cally so it can evade security tools in place.
Navigate through the extended network—being environmentally aware, evading detection, and moving laterally until reaching the target.
Gather data, create disruption, or cause destruction.
THIS IS ACCOMPLISHED THROUGH
INNOVATORS
RESELLERS
USERS
the people creating the software and
techniques
people setting up online stores to resell
data, technologies and software
becoming Crimeware as a Service
It is a huge, pro�table business with many cybercriminals adopting a professional business model.$
$
$
$
$
$
$
BEFORE To defend your network, organisations must be aware of what is on it:
DURING Organisations must address a broad range of attack vectors with solutions that operate everwhere
AFTER Many attacks wil be successful. You need a formal plan to bring operations back to normal as quickly as possible
Devices Operating Systems Services Applications Users
Additionally they must
Implement acccess controls Enforce security policies Block access to critical access
Network End Points Mobile Devices VirtualEnvironments
Read the full Cisco 2014 Annual Security Report herei
ANNUAL SECURITY REPORTCISCO 2014
@CiscoSecurity
SECURITY alerts reached their peak in October 2013 since records began, with malicious tra�c now being detected on 100% of business and corporate networks100%
Charting the new security frontier for 2014
Cybercriminals are launching new threats faster than security professionals can address them.
Adam Philpott, Director EMEAR Cybersecurity at Cisco, o�ers insight into you how to stay one step ahead.
Read More
Malware matters – why ignorance is not bliss
Read More
Cisco Security: Stop the breach
Watch Now
