This blog was co-authored by Kevin Brooks, Alex Chiu, Joel Esler, Martin Lee, Emmanuel Tacheau, Andrew Tsonchev, and Craig Williams.
On the 21st of July, 2014, Cisco TRAC became aware that the website dwnews.com was serving malicious Adobe Flash content. This site is a Chinese language news website covering events in East Asia from a US base. The site is extremely popular, rated by Alexa’s global traffic ranking as the 1759th most visited website worldwide, and the 28th most visited in South Korea. In addition the news site also receives a substantial number of visitors from Japan, the United States and China.
This malware campaign does not appear to be tightly targeted. Twenty-seven companies across eight verticals have been affected:
Banking & Finance
Energy, Oil, and Gas
Engineering & Construction
Pharmaceutical & Chemical
Retail & Wholesale
This is indicative of the campaign acting as a drive-by attack targeting anyone attempting to view one of the affected sites.
Read More »
Tags: botnets, Malware Analysis, security, TRAC, VRT
I was at the Gartner Security and Risk Management Summit at the Gaylord National Harbor and had the opportunity to attend the session, “Finding the Sweet Spot to Balance Cyber Risk,” which Tammie Leith was facilitating.
During the session, the panel had been discussing how the senior leadership teams address the problem of putting their signatures against the risk that cyber threats pose to their organizations. Tammie Leith made a point to the effect that it is just as important for our teams to tell us why we should not accept or acknowledge those risks so that we can increase investments to mitigate those risks.
What caught my attention was that the senior management teams are beginning to question the technical teams on whether or not appropriate steps have been taken to minimize the risks to the corporation. The CxO (senior leadership team that has to put their signature on the risk disclosure documents) teams are no longer comfortable with blindly assuming the increasing risks to the business from cyber threats.
To make matters worse, the CxO teams and the IT security teams generally speak different languages in that they are both using terms with meanings relevant to their specific roles in the company. In the past, this has not been a problem because both teams were performing very critical and very different functions for the business. The CxO team is focused on revenue, expenses, margins, profits, shareholder value, and other critical business metrics to drive for success. The IT security teams, on the other hand, are worried about breaches, data loss prevention, indications of compromise, denial of services attacks and more in order to keep the cyber attackers out of the corporate network. The challenge is that both teams use the common term of risk, but in different ways. Today’s threat environment has forced the risk environment to blend. Sophisticated targeted attacks and advanced polymorphic malware affect a business’s bottom line. Theft of critical information, such as credit card numbers, health insurance records, and social security numbers, result in revenue losses, bad reputation, regulatory fines, and lawsuits. Because these teams have not typically communicated very well in the past, how can we ensure that they have a converged meaning for risk when they are speaking different “languages”?
Read More »
Tags: cyber, NIST, risk, security
As a business or technical leader, you know you need to protect your company in a rapidly evolving mobile ecosystem. However, threats are not always obvious. As malware and attacks become more sophisticated over time, business decision makers must work with technical decision makers to navigate security threats in a mobile world.
This blog series, authored by Kathy Trahan, will explore the topic of enterprise mobility security from a situational level and provide insight into what leaders can do now to mitigate risk. To read the first post focused on securing device freedom, click here. The second post, available here, focused on the risks that come with mobile connections. – Bret Hartman, Chief Technology Officer (CTO) for Cisco’s Security Technology Group
The Cisco Visual Networking Index revealed an obvious truth that none of us can deny—mobile data traffic is on the rise and shows no signs of stopping:
- By 2018, over half of all devices connected to the mobile network will be “smart” devices
- Tablets will exceed 15 percent of global mobile data traffic by 2016
- By the end of this year, the number of mobile-connected devices will exceed the number of people on earth, and by 2018, there will be nearly 1.4 mobile devices per capita
With the explosion in the number of smart mobile devices and employees increasingly taking advantage of BYOD, securing company and personal data in a world where the mobile endpoint is a new perimeter presents technical and legal challenges for organizational leaders.
What are some of the most prevailing challenges? The personal use of company-owned devices happens more frequently than IT may realize and a complex legal environment can leave both employees and IT confused on how personal privacy is being protected. It is important for human resources to weigh in here as well.
Read More »
Tags: byod, Cisco, data security, future of mobility, malware, mobility, security, vni
Information is arguably one of any organization’s most valuable and business critical assets. Despite this, many information networks are, for all intents and purposes, flat networks. That is, networks with few flow controls over data which are then allowed to flow freely. This means that the most sensitive corporate or customer data moves through the same network devices as all other company information. This could include things like employee emails and Internet downloads, credit card information, research, sensitive financial information, electronic doctor/patient communications, and any other information that company employees create, receive, download, share, and store.
Read More »
While we consumers certainly worry about security, the concerns of retailers are magnified because they are among the highest-profile targets right now for professional hacker attacks. At the same time, change is continuing on the security front, particularly in the area of PCI compliance. With the release of PCI DSS 3.0, retailers are more challenged than ever with security and compliance.
Join us tomorrow (July 23) for a webcast at 1 p.m. ET (10 a.m. PT). Check out the full blog post on the retail blog for more details and to register! We encourage you to bring your questions and take part in this conversation about how your retail business can be ready for the future of compliance.