BLOG: Cisco study finds unprecedented growth in threats

Jim Duffy

Cisco says there's been an unprecedented growth in advanced attacks and malicious traffic on networks, with overall vulnerabilities and threats reaching their highest levels since 2000. This is one of the findings in Cisco's 2014 Annual Security Report issued this week.

As of Oct. 2013, cumulative annual alert totals increased 14% from 2012. All of the 30 multinational companies in Cisco's survey sample generated visitor traffic to Web sites that host malware, and 96% of them communicated with hijacked servers.

Ninety-two percent of them sent traffic to Web sites without content, which Cisco says typically host malicious activity.

The pharmaceutical and chemical industries, and the electronics manufacturing industry have historically had high malware encounter rates but the last two years saw "remarkable growth" in malware encounters for the typically low-risk agriculture and mining industry sectors. Malware encounters also continued to rise in the energy, oil and gas sectors, the Cisco study found.

Multipurpose Trojans were the most frequently encountered web-delivered malware in 2013. Data theft Trojans, such as password stealers and backdoors, made up 22% of total web malware encounters. A 30% drop in unique malware hosts and IP addresses between Jan. 2013 and Sept. 2013 indicate that malware is being concentrated in fewer hosts and fewer IP addresses, according to the Cisco report.

Java continues to be the most frequently exploited programming language targeted by online criminals. Java exploits make up 91% of Indicators of Compromise, Cisco says.

Distributed Denial of Service attacks have increased in both volume and severity, the Cisco report found. And 99% of all mobile malware targeted Android devices, with Andr/Qdplugin-A the most frequently encountered mobile malware arriving in repackaged copies of legitimate apps distributed by non-official marketplaces.

Source: Network World