The Cisco 2015 Midyear Security Report, which analyses threat intelligence and cybersecurity trends, reveals the critical need for organisations to reduce time to detection (TTD) in order to remediate against sophisticated attacks by highly motivated threat actors.
In the first half of 2015, the hallmark of online attackers may be their willingness to evolve new tools and strategies—or recycle old ones—to dodge security defences.
Through tactics such as obfuscation, they can not only slip past network defences but also carry out their exploits long before they are detected—if ever. With such malicious software getting more pervasive and without effective countermeasures, it will be just a matter of time before organisations are breached.
Security vendors are responding with their own innovations. For example, researchers are adding support for the analysis of new file formats such as .cab and .chm as new attacks are detected using those formats. In addition, vendors are developing new detection engines and constantly evaluating and evolving heuristics.
Security vendors know they need to stay agile, Cisco said. If they or their networks let down their guard even briefly, attackers will get the upper hand. But the pace of innovation in the industry is not as rapid as it needs to be. Overall, Cisco’s findings underscore the need for businesses to deploy integrated solutions vs. point products, work with trustworthy vendors, and enlist security services providers for guidance and assessment. Further, geopolitical experts have declared that a global cyber governance framework is needed to sustain economic growth.
The notable findings from Cisco’s 2015 Annual Security Report and the 2015 Midyear Security Report:
- Cyber-attacks are becoming costlier and harder to address – In 2014, the average cost of a breach increased to US$5.9 (RM25.3) million. More significantly, the average time taken to resolve a cyber-attack is now 45 days, which is almost 50 percent longer than a year ago.
- Organisations are unable to detect breaches in a timely manner – It can take more than two years for some organisations to discover a breach, while over half of the companies are unable to determine the exact point of intrusion.
- Web, network and email are the top 3 attack vectors – All three are ubiquitous nowadays, especially in Asia Pacific with its high mobile and internet penetration rates.
- Hacking is the top cause of a breach – This is followed closely by malware and social. The latter is cited by analysts as a major disruptor in today’s highly connected world.
- At a staggering cost of US$245 (RM1053) million, the retail sector was hardest hit last year – Next in line is financial services at US$80 (RM344) million, then healthcare at US$4.5 (RM19.3) million.
- Mobile malware is the new frontier for attackers – Meanwhile, 99 percent of this malicious software targeted the Android operating system in 2013.
- Flash is back – Exploits of Adobe Flash vulnerabilities, which are integrated into Angler and Nuclear exploit kits, are on the rise.
- The evolution of ransomware – Ransomware remains highly lucrative for hackers as they continue to release new variants.
- Dridex: Campaigns on the fly – The creators of these quickly mutating campaigns have a sophisticated understanding of evading security measures.