ML, AI used to spot anomalies in Web traffic

By Kirsten Doyle, ITWeb contributor.
Johannesburg, 26 Feb 2018
Malware is getting harder to fight.

Malware is becoming more sophisticated and harder to combat. Businesses face a slew of threats from network-based ransomware worms to catastrophic wiper malware. Attackers are also getting more adept at writing malware that can bypass traditional sandboxing.

This was one of the findings of the Cisco 2018 Annual Cybersecurity Report, which also revealed that as of October last year, 50% of global Web traffic was encrypted.

Although encryption is meant to enhance security, it also gives malicious actors a powerful tool to conceal command-and-control activity, giving adversaries additional time to inflict maximum damage.

Because encryption also reduces visibility, the report said that more and more organisations have turned to machine learning and artificial intelligence (AI). This gives them the ability to spot anomalous patterns in large volumes of encrypted Web traffic that can be further investigated by security teams.

However, some of the 3 600 CISOs who were interviewed for the report said they were frustrated by the number of false positives such systems generate. "While still in its infancy, machine learning and AI technologies over time will mature and learn what is 'normal' activity in the network environments they are monitoring," says Cisco.

John Stewart, SVP and chief security and trust officer at Cisco, said last year's evolution of malware shows that adversaries continue to learn and develop. "We have to raise the bar now with top-down leadership, business-led technology investments and effective security. There is too much risk, and it is up to us to reduce it."

Another highlight from the report showed that the financial cost of attacks is no longer a hypothetical number, with more than half of all attacks resulting in financial damages of over $500 000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs.

In addition, supply chain attacks are increasing in frequency and complexity, and can "impact computers on a massive scale" and linger for months or even years. Cisco says businesses need to be aware of the potential risk of using software or hardware from companies that do not appear to have a responsible security posture.

The report also highlighted how the use of the cloud is growing and how attackers are taking advantage of the lack of advanced security. "Twenty-seven percent of security professionals said they are using off-premises private clouds, compared with 20% in 2016. Among these, 57% said they host networks in the cloud because of better data security, 48% because of scalability, and 46% due to ease of use.

"While cloud offers better data security, attackers are taking advantage of the fact that security teams are having difficulty defending evolving and expanding cloud environments. The combination of best practices, advanced security technologies like machine learning, and first-line-of-defence tools like cloud security platforms can help protect this environment," said Cisco.