Cisco Blogs


Cisco Blog > Security

Change is Coming to the Security Industry – and This is a Good Thing

Cisco presents a vision of the future in the Cisco 2015 Midyear Security Report that we expect many—particularly in the security industry—might find a little controversial. We suggest that over the next five years, there will be a continued wave of industry consolidation—driven less by financially motivated M&A and more by the need for capable solutions—that brings together niche innovators and long-standing players for the greater cause of protecting organizations.

And then what? This consolidation will lead to the development of an integrated threat defense architecture that will help to reduce time to detection and remediation of both known and emerging threats. This architecture will bring unprecedented visibility into the threat landscape, and provide control, global intelligence, and context across many solutions.

While disruptive, this change is necessary. Right now, as an industry, we’re just not doing an effective job helping all end users defend themselves from the highly sophisticated and ever-changing tactics of today’s threat actors.

As noted in the Cisco 2015 Midyear Security Report, Read More »

Tags: , , ,

Midyear Security Report: Exploit Kits and Ransomware Get Creative

The modern online adversary is out to make money, not simply hack networks for the fun of it. In the Cisco 2015 Midyear Security Report, there’s yet more evidence that criminals are using tools with ever-increasing sophistication to steal valuable personal or financial data and sell it, coerce users into paying ransoms for their own data, and generally reap financial rewards for their exploits.

The Angler exploit kit continues to lead the market in terms of sophistication and effectiveness. As explained in the Cisco 2015 Midyear Security Report, Angler packs a significant punch because it uses Flash, Java, Internet Explorer, and Silverlight vulnerabilities to achieve its objectives. Angler is very effective, in part due to its ability to compromise users by using multiple vectors: Cisco found that 40 percent of users who encounter an Angler exploit kit on the web are compromised, compared to just 20 percent of users who encounter other widely used exploit kits.

Angler successfully fools users and evades detection with several innovative techniques. For example, as we discuss in the report, our researchers believe Angler’s authors use data science to create computer-generated landing pages that look normal enough to pass muster from heuristic scanners. In addition, Angler has recently started using “domain shadowing” to dodge detection—the exploit kit authors compromise a domain name registrant’s account, and then register thousands of subdomains under the legitimate domain of the compromised user. While domain shadowing isn’t new, we’ve monitored growing use of this technique since last 2014: according to our researchers, more than 75 percent of known subdomain activity by exploit kit authors since that time can be attributed to Angler. Read More »

Tags: , ,

Announcing the 2015 Midyear Security Report

Our 2015 Midyear Security Report (MSR) is out this week, and it’s been a bumpy year when you consider the innovative, resilient, and evasive nature of the global cyber attacks we’ve seen in recent months. Our team continues to see adversaries who rapidly refine their ability to develop and deploy malware that evades detection. It is sobering to note that our MSR confirms that the security industry is just not keeping pace with the attackers.

The MSR is our follow-up to the Cisco Annual Security Report (ASR), which we publish in January. The 2015 MSR updates you on what we’ve seen in the first half of 2015, with analysis and insights about the latest attack trends and advice on what to do about them.

Some of the top troubling trends in this year’s six-month update include: Read More »

Tags: , ,

The Best Defense is a Good Offense? Why Cisco Security Researchers Attack Cisco Technologies

This week, Cisco provided comments on the Department of Commerce’s Bureau of Industry and Security (BIS) proposed cybersecurity regulations. These comments reflect the realities of how Cisco looks to protect both our customers and our products. They also emphasize the critical role that security researches, access to tools, and qualified talent have in cybersecurity.

Cisco has hundreds of dedicated security engineers and researchers throughout the company and around the globe, who use the latest and greatest tools and techniques to test our technology. We proactively attempt to break into our own products, our own services, and our own networks, in order to close identified weaknesses and vulnerabilities as soon as possible and to develop better protections against attack. Many of these same people are responsible for investigating reported vulnerabilities or compromises of our products and running these reports to ground with absolute certainty. In doing this, we have resolved countless bugs and vulnerabilities and continue to improve the security of our products with what we learn. Along the way we have discovered many interesting and creative adversaries and certainly learned that there are some very resourceful people out there.  Read More »

Tags: , , , ,

Cisco extends market leadership for Unified Access with revolutionary ASIC

Cisco innovates in the industry’s largest product line

Cisco Unified Access is about converging wired and wireless networks to improve scale and quickly launch new services with new levels of security and compliance.

When Cisco launched the Catalyst 3850 and WLC 5760 Controller in January 2013, it stood alone in the market for truly converging Wired and Wireless networks. Over the course of the last 2.5 years, Cisco has progressively extended its lead with more platforms and features based on the revolutionary ASIC which makes this rich convergence possible. And just this month, Cisco delivered Multi-gigabit Ethernet (or mGig), which enables the move to higher Wireless speeds based on the IEEE 802.11ac Wave 2 standard. Let’s start by clearly articulating why the home-grown ASIC is so fundamental to successfully integrating Wired and Wireless networks in a seamless way.

The foundational ASIC which Cisco developed is called Unified Access Dataplane (UADP). It cost well over $150M, and took several years to develop and refine. It delivers Hardware performance with Software flexibility and comes with many unique innovations. The defining characteristic of this ASIC is the true full-featured convergence of Wired and Wireless traffic together with its flexible forwarding engine.

Read More »

Tags: , , , , ,