The Cisco 2015 Midyear Security Report provides an overview of key threats observed in the first half of 2015, along with insights on current and future trends and advice for organizations that utilize security solutions and services. Coinciding with a theme, The Innovation Dogfight between Attackers and Security Vendors, this year’s report is a clear realization that just as quickly as network security personnel and CXOs innovate their security measures, adversaries and their malware seem to be several steps ahead.
Join our next #CiscoChat on Thursday, August 13, at 10:00 a.m. PST: @CiscoSecurity hosts Talos technical leader, Craig Williams, to discuss the report’s findings and implications for organizations and attack defenders.
This year’s report identified three threats that are making the most headway – and headlines – when it comes to compromising security:
- Angler: Comprises over 75% of domain shadowing activity since December 2014.
- Rombertik: Floods memory with 960 million useless instructions that overwhelm inspection tools.
- Dridex: Executes campaigns within five hours, well before threat intelligence sensors propagate threat notices.
The report also outlines some of the more creative ways malware creators use to foil security solutions, including using text from classic literature to confuse antivirus security solutions.
With the millions of touch points that lie on the Internet of Everything and more businesses digitizing their operations, the threat landscape has definitely expanded. Couple that with an utterly disappointing industry standard for Time to Detection (TTD) of 100 to 200 days and it’s not surprising that threats have become more sophisticated.
As adversaries rapidly refine their ability to develop and deploy malware that can breach network defenses and evade detection, the security industry, as a whole, struggles to innovate at a similar pace. What can organizations do to keep up?
During our next #CiscoChat, Craig Williams, Senior Technical Leader of the Talos Security Intelligence and Research Group will discuss the key findings from the Cisco 2015 Midyear Security Report. Be sure to join us and follow the #CiscoChat conversation on Thursday, August 13, at 10:00 a.m. PST, using hashtag #CiscoChat.