The rapid expansion of connected devices is a double-edged sword for businesses. On one hand, mobility, cloud, and BYOD innovations enable unprecedented flexibility, collaboration, and ease of access for employees. Fifty percent of employers will adopt BYOD policies by 2017, and 90 percent of American workers are already using their own smartphones for work. But this flexibility comes with a cost: as endpoints multiply, controlling network access becomes increasingly difficult. The vast majority – 90 percent – of organizations lack full awareness of all of the devices accessing their network. At the same time, insiders perpetrate 34 percent of all cybercrimes highlighting the key role of identity access management in maintaining a strong cybersecurity posture.
The digital economy and the Internet of Everything (IoE) are creating a host of new opportunities. With as many as 50 billion connected devices by 2020, this wave of digitization will spell new opportunities for organizations and governments and the consumers and citizens they serve.
Yet, the more things become connected, the more opportunities exist for malicious actors as well. We are now dealing with a new world where more and more devices are creating a broader and more diverse attack surface that can be exploited.
Attackers are becoming stealthier, better organized, collaborating extensively, and are well resourced. According to the Cisco 2015 Annual Security Report, malware is becoming increasingly sophisticated and elusive. Since 2009, we have seen a 66 percent compound annual growth rate of detected security incidents.
In order to respond faster to threats and achieve better outcomes requires a tightly integrated security architecture that is as pervasive as the devices and services we are protecting. For this reason, we believe that the most effective way to confront these challenges is to evolve to an approach that extends security everywhere – both embedded into the intelligent network infrastructure and pervasive across the extended network – from the service provider to the enterprise network infrastructure, data center, IoT, cloud and endpoint. This is essential to protect today’s wide array of attack vectors while positioning security to act as a growth engine to enable companies to seize new business opportunities.
The topic of cybersecurity has become so ubiquitous that it’s almost a daily occurrence to read or hear about security breaches in the news. Cisco understands this paradigm shift within the nature of computing, that the Digital Economy and the Internet of Everything now requires what we are calling Security Everywhere. Security has to span the extended network in order to protect against an ever growing array of attack vectors. Scott Harrell, Vice President Product Management has written a more detailed blog about this specific topic here .
The key point to note about Security Everywhere is that organizations are under unrelenting attack and breaches are happening every day. Attackers have also created sophisticated malware that can be launched into the network, gather information to intelligently understand exactly what, when and how to attack and then launch an extremely surgical and devastating attack against the network. Our Cisco 2015 Annual Security Report is an excellent resource for detailed research about the nature and frequency of attacks against the enterprise.
In one of my previous posts, I noted how Network Access Control (NAC) platforms have started evolving into more visibility-focused and context-aware platforms in the face of major business trends such as enterprise mobility, the migration of resources to the cloud, and the ubiquitous Internet of Everything. Consequently, “new NAC” technology has quietly transformed from a complicated set of controls – outdated in a more mobile world – into a powerful business enabler for enterprises.
The Cisco Visual Networking Index (VNI) forecasts that over fifty billion new connected devices will hit networks by the year 2020. With this massive proliferation of network-enabled devices firmly in mind, I am proud to announce that the latest version of the market-leading Cisco Identity Services Engine (ISE) is now available. Cisco Identity Services Engine builds upon the solid foundation of our last release to round out the current platform by focusing on expanding the ISE partner ecosystem with new, exciting categories for context-aware security as well as advancing endpoint security capabilities.
This post was authored by Nick Biasini
Talos has found a new SPAM campaign that is using multiple layers of obfuscation to attempt to evade detection. Spammers are always evolving to get their messages to the end users by bypassing SPAM filters while still appearing convincing enough to get a user to complete the actions required to infect the system. The end payload for this campaign is Cryptowall 3.0. Talos has covered this threat repeatedly and this is another example of how the success of Ransomware has pushed it to one of the top threats we are seeing today. Whether its Exploit Kits or SPAM messages threat actors are pushing as many different variants of Ransomware as possible.
The use of resume based SPAM isn’t anything new. An analysis of our telemetry has found countless messages in the last 30 days related to Resumes. Threat actors have tried many different techniques associated with these messages including using password protected zip files, word documents with embedded macros, and malicious URLs redirecting back to a malicious sample. This threat combined a series of techniques to try and avoid detection that has been surprisingly successful against some products. Below is a sample of one of the emails that we saw in our telemetry.