Criminals find chinks in tech armor: Cisco

CIOL Bureau

BANGALORE, INDIA: Cisco's first-ever Annual Security Report provides an overview of the combined security intelligence of the entire Cisco organization.

The report encompasses threat information and trends collected between January and September 2007.

It goes further than viruses or worms and delves into seven categories: vulnerability, physical, identity, human, trust, legal, and geopolitical.

According to the report, despite the unprecedented innovation and adaptability in security threats, in 2007 criminals demonstrated their ability to evolve attacks to keep ahead of even the most advanced human and technical defenses.

The biggest spam delivery innovation of late 2005 and 2006 was the emergence of image spam, but 2007 saw the rise of a new strategy: spreading spam within document attachments.

By employing common office document files to deliver spam messages (usually “pump-and-dump” stock scams), spammers were able to elude traditional spam filtering techniques.

Also, the use of Web sites to host malicious code exploded in 2007. Antivirus vendor Sophos reported in April that it was identifying 30,000 new malicious Web sites per day. These sites, along with many legitimate sites that were infected with malicious code, infected millions of users in 2007.

Recommendations

Some of the key recommendations include the need for organizations to have strong policies and procedures in place to continually monitor the behavior of all applications in the environment.

Keep applications up to date with all patches and bug fixes to remove known vulnerabilities. The report warns organizations never to click on an e-mail attachment, document, or URL from an unknown or untrustworthy source.

Attachments or URLs that arrive unexpectedly, even from a trustworthy source, should be checked to ensure that they were intentionally delivered.

Organizations should be asking vendors more questions about security and letting vendors know that application security is a major concern.

Other recommendations include continuously monitoring security intelligence for attack trends, employing host-based IPS solutions whenever possible, monitoring Web sites for infiltration by malicious code, etc.

Businesses should be vigilant in following effective security practices, such as placing anti-ARP spoofing measures on all switches that service user-accessible subnets.



Forecast for 2008

Malware attacks exploiting application vulnerabilities will continue to grow. More organizations will likely be targeted by professional attackers.

While much of the current professional cyber crime activity targets home users, organizations will likely see more infected systems attempting to access protected networks. More malware may execute in system memory, not on hard drives.

Malware attacking rootkits that executed entirely in system memory emerged during 2007.

The huge increase in the use of multipurpose smartphones such as the Apple iPhone means that there are more mobile devices with fully functional operating systems in use than ever before.

Expect future mobile malware attacks to propagate via mobile e-mail, SMS, WiFi, and instant messaging applications.

More malware will target portable media and gaming devices like iPods and other flash media used to store sensitive business information.

As malware development increasingly becomes a for-profit business enterprise, attackers will be looking to generate more value from their efforts by striving to hit more systems with a single attack project.
