Avatar

In recent months, many organizations are becoming more interested in the information security landscape and how these threats can affect their business today.

In the recent Cisco 2014 Midyear Security Report, the results showed that 90% of select customer networks were found issuing DNS queries to domain names known to be associated with malware distribution. Results also showed an increase in Point of Sale (POS) exploits over the past year. These threats are growing and may put at risk many users using websites where personal or financial information is being submitted. These users need to know how this malware works, that malware is becoming more sophisticated, and that it is becoming increasingly difficult to identify that users’ machines have been compromised by malware.

Besides malware, small retailers are connecting POS systems to the Internet, thus some financial institutions or retailers may be affected from hacked POS systems in one hand and users with hijacked browser on the other. POS systems connected to the Internet can give attackers more opportunities to defeat the security of the devices from remote sites, and get sensitive information from inside networks without the required credentials and logical isolation on different layers.

Let’s remember a recent case where a Russian hacker was accused of breaching a POS system and found 2.1 millions stolen card numbers on his seized laptop. With these types of threats, organizations are becoming more interested in how to protect the infrastructure (firewalls, IPS, etc.), and also on finding more effective ways to secure their architectures and network designs using a holistic approach.

Also, CISOs would like to understand how standards like PCI DSS and ISO27K can be implemented to secure their environment and how Cisco Security Services can help them to reduce the risk and become compliant at the same time. The trend is that cyber security is starting to become part of a strategic plan and being taken seriously to incorporate tactical protection on the business assets.

Finally, users should be aware that Palevo, Zeus, and SpyEye are malware destined to steal information from infected browsers with a technique called “Man in The Browser” (MiTB). The technique this type of malware uses is to hijack the web browser and take advantage of vulnerabilities in browser security that can modify transaction content or insert additional transactions. All of these activities are done in a completely invisible and covert fashion to both the user and server where the application is being hosted.

According to the newly released Cisco 2014 Midyear Security Report, if organizations want to succeed in this landscape of threats, worms and malware, they need to consider an in depth cyber security strategic plan to reduce risk with formal security policies, procedures and security technology to protect different information layers on the architecture and infrastructure side.



Authors

Adrian Olguin

Information Security Consultant

Cisco Security Solutions