One of the reasons I like the security industry is that it’s always changing—and right now, it’s changing faster than ever. The next five years are going to be a period of significant change, driven by three major trends: the consumerization of the end point, the adoption of cloud computing, and the increasing use of high-definition video conferencing systems like Cisco TelePresence.
The Cisco 4Q10 Global Threat Report is now available for download. The report showcases data from the 4th calendar quarter (October 1, 2010 to December 31, 2010). The report also provides a snapshot of Rustock activity for the second half of 2010, as well as the year-over-year Web malware encounter rates from 2007 to 2010. Contributing teams included Cisco IPS, Remote Management Services for Security (RMS), IronPort, and ScanSafe.
Since we were writing the report in January 2011 (the 7th anniversary of the MyDoom email worm), it seemed appropriate to include some stats on old worm activity. It really underscores the cumulative problem of malware: not only does IT need to combat the millions of new threats, it must also contend with many of the old ones.
Highlights from the report include:
- Web malware grew by 139 percent in 2010 compared to 2009
- Search engine-related traffic resulted in approximately 8 percent of web malware encountered in 4Q10
- Rustock botnet activity peaked during the first two weeks of December
- Users flocked to BitTorrent in the wake of the WikiLeaks.org shutdown, presumably as an alternate source of leaked U.S. State Department cables
- Global spam levels decreased dramatically in the fourth quarter, following a trend that started in August 2010
Watch Cisco CTO Padmasree Warrior talk about her “mind-blowing” experience at this year’s World Economic Forum at Davos, Switzerland. She mingled with experts from around the world discussing topics like cloud computing, security, and hyper connectivity.
“The breadth and depth of the expertise that comes together in one place from around the world is simply mind blowing.”
As we mentioned in last week’s Cyber Risk Report, “The issue at hand is no longer whether or even to what extent the revolution is being tweeted, the question henceforth is how are information networks to be managed.” The capabilities of freely flowing information to influence the command and control of coordinated forces have long been understood by military commanders. Greek historian Herodotus tells in his Histories of a deposed king passing obscured messages to organize revolution, and another king sending warning of impending attack; during World War I, soldiers would shoot at carrier pigeons bearing messages from front-line troops.
Today, when governments face political unrest, a very militarily inspired response is to limit, control, or deprive the free flow of information to the opposition. Organizations do likewise, though often for different reasons, and are quickly understanding how resourceful their users can be as they dodge workforce Internet filters by accessing content on their mobile phones. Over and over again, information that authorities wish to keep secret, or deny access to, is being exposed and shared widely by those under their control. How will confidentiality fare in the coming years?
IPv6 is becoming more widely deployed as the availability of IPv4 addresses continues to decline. In June, Cisco will be participating in World IPv6 Day, a 24-hour global “test drive” of IPv6 that is organized by the Internet Society.
Hopefully this introductory post will give you a basic idea of how IPv6 works and some initial security concerns. In upcoming posts, I will explain in more detail the security impact on your network of various aspects of IPv6. I am willing to address other topics as well if there is interest; just let me know. Currently the upcoming topics will be: