Dec 18, 2008 : Cisco Identifies Spam Threats
📅 - Providing a snapshot of the current state of security, a new Cisco (cisco.com) report has shone a light on this year's worldwide online security threats, warning that sophisticated, targeted Internet attacks will only increase in the new year.
The Cisco Annual Security Report, released this week, provides a comprehensive overview of the combined security intelligence of the entire Cisco organization, encompassing threat and trends information collected between January and October 2008.
"Every year we see threats evolve as criminals discover new ways to exploit people, networks and the Internet. This year's trends underscore how important it is to look at all basic elements of security policies and technologies," Cisco fellow and chief security researcher Patrick Peterson said in a statement.
Cisco also released figures that may be worrying for IT managers. It found that between 2007 and 2008, the overall number of disclosed vulnerabilities grew by 11.5 percent, and vulnerabilities in virtualization products nearly tripled to 103 from 35 in 2007. Cisco also reported a 90 percent growth rate in threats originating from legitimate domains - nearly double the 2007 rate of growth.
All-in-all, spam accounts for nearly 200 billion messages daily - roughly 90 percent of email sent worldwide, according to the report. Most of it originates in the US, which contributes 17.2 percent, followed by Turkey with 9.2 percent, Russia with 8 percent, Canada with 4.7 percent, Brazil with 4.1 percent, India with 3.5 percent, Poland with 3.4 percent, and South Korea with 3.3 percent.
The Cisco report has reached the attention of many bloggers including Kevin Parrish, who notes that in the last few weeks, consumers have inundated by junk emails, which are becoming more targetted and more dangerous. "Lately consumers have noticed that many of these electronic nuisances seem more personalized, flowing into email clients bearing their actual email addresses or bearing some type of familiar, personal information," Parrish wrote. "Their tailor-made messages - a method called spear-phishing - are coming in at an alarming rate, attacking personal and business accounts alike, and shows no sign of easing up."
While Spear-phishing, according to the report currently represents only about one percent of all phishing campaigns, it is expected to become more prevalent, because the higher "jackpots" criminals score when they succeed in obtaining personal data from specially targeted victims is worth the time and resources it takes to make messages seem credible.
With security suites and antivirus software, most consumers are armed with some kind of spam protection, however, well-targeted messages often slip under the radar undetected.
Some of the major trends for IT companies to watch for in the new year include insider threats, data loss and remote working issues.
Intensified by major cutbacks during the economic downturn, insider threats include negligent or disgruntled employees who threaten corporate security, making better collaboration between IT, HR, and other lines of business crucial to mitigate threats.
Data loss, whether through carelessness, hacker breaches or from insiders, is a growing problem that can lead to grave financial losses, causing companies to turn to technology, education and clear, well-enforced data security policies to make compliance easier and reduce incidents.
While network technology advances have made remote working increase productivity, Web-based tools, mobile devices, virtualization, "cloud computing" and similar technologies will prove a challenge for security personnel.
Peterson concludes, "Organizations can lower their risk of data loss by fine-tuning access controls and patching known vulnerabilities to eliminate the ability for criminals to exploit holes in infrastructures. It is important to upgrade applications, endpoint systems and networking equipment to help ensure that corporate systems run smoothly and minimize risk."
The Cisco Annual Security Report, released this week, provides a comprehensive overview of the combined security intelligence of the entire Cisco organization, encompassing threat and trends information collected between January and October 2008.
"Every year we see threats evolve as criminals discover new ways to exploit people, networks and the Internet. This year's trends underscore how important it is to look at all basic elements of security policies and technologies," Cisco fellow and chief security researcher Patrick Peterson said in a statement.
Cisco also released figures that may be worrying for IT managers. It found that between 2007 and 2008, the overall number of disclosed vulnerabilities grew by 11.5 percent, and vulnerabilities in virtualization products nearly tripled to 103 from 35 in 2007. Cisco also reported a 90 percent growth rate in threats originating from legitimate domains - nearly double the 2007 rate of growth.
All-in-all, spam accounts for nearly 200 billion messages daily - roughly 90 percent of email sent worldwide, according to the report. Most of it originates in the US, which contributes 17.2 percent, followed by Turkey with 9.2 percent, Russia with 8 percent, Canada with 4.7 percent, Brazil with 4.1 percent, India with 3.5 percent, Poland with 3.4 percent, and South Korea with 3.3 percent.
The Cisco report has reached the attention of many bloggers including Kevin Parrish, who notes that in the last few weeks, consumers have inundated by junk emails, which are becoming more targetted and more dangerous. "Lately consumers have noticed that many of these electronic nuisances seem more personalized, flowing into email clients bearing their actual email addresses or bearing some type of familiar, personal information," Parrish wrote. "Their tailor-made messages - a method called spear-phishing - are coming in at an alarming rate, attacking personal and business accounts alike, and shows no sign of easing up."
While Spear-phishing, according to the report currently represents only about one percent of all phishing campaigns, it is expected to become more prevalent, because the higher "jackpots" criminals score when they succeed in obtaining personal data from specially targeted victims is worth the time and resources it takes to make messages seem credible.
With security suites and antivirus software, most consumers are armed with some kind of spam protection, however, well-targeted messages often slip under the radar undetected.
Some of the major trends for IT companies to watch for in the new year include insider threats, data loss and remote working issues.
Intensified by major cutbacks during the economic downturn, insider threats include negligent or disgruntled employees who threaten corporate security, making better collaboration between IT, HR, and other lines of business crucial to mitigate threats.
Data loss, whether through carelessness, hacker breaches or from insiders, is a growing problem that can lead to grave financial losses, causing companies to turn to technology, education and clear, well-enforced data security policies to make compliance easier and reduce incidents.
While network technology advances have made remote working increase productivity, Web-based tools, mobile devices, virtualization, "cloud computing" and similar technologies will prove a challenge for security personnel.
Peterson concludes, "Organizations can lower their risk of data loss by fine-tuning access controls and patching known vulnerabilities to eliminate the ability for criminals to exploit holes in infrastructures. It is important to upgrade applications, endpoint systems and networking equipment to help ensure that corporate systems run smoothly and minimize risk."
Reads: 2418 | Category: General | Source: TheWHIR : Web Host Industry Reviews
URL source: http://www.thewhir.com/marketwatch/121808_Cisco_Identifies_Spam_Threats.cfm
Want to add a website news or press release ? Just do it, it's free! Use add web hosting news!
📅 - 
📅 - 
📅 - 
📅 - 
📅 -