News

Cisco Warns of Increasing Attack Sophistication

Cisco Systems Inc. this week released the 2008 edition of its Cisco Annual Security Report, a summary of the state-of-the-art in network security, as well as a look at the threats ahead.

The report highlighted the increasing sophistication of Internet-based attacks, largely because cyber-criminals themselves are becoming increasingly sophisticated. Indeed, the Cisco report noted, there's a sense in which cyber-criminals are becoming professional and increasingly focused on profit-making -- as opposed to mischievous, malicious or destructive -- activities.

"Every year, we see threats evolve as criminals discover new ways to exploit people, networks and the Internet. This year's trends underscore how important it is to look at all basic elements of security policies and technologies," said Patrick Peterson, Cisco fellow and chief security researcher, in a statement that accompanied the report's release. "Organizations can lower their risk of data loss by fine-tuning access controls and patching known vulnerabilities to eliminate the ability for criminals to exploit holes in infrastructures. It is important to upgrade applications, endpoint systems and networking equipment to help ensure that corporate systems run smoothly and minimize risk."

The report singled out the threat posed by spam, which Cisco researchers said accounts for 200 billion messages -- or about 90 percent -- of daily e-mail traffic. The U.S. is the biggest overall producer of spam (generating more than 17 percent), followed by Turkey (9.2 percent), Russia (8 percent), Canada (4.7 percent), Brazil (4.1 percent), India (3.5 percent) and Poland (3.4 percent).

Cisco researchers also expect that targeted spear-phishing -- which today accounts for about 1 percent of all phishing attacks -- will become more prevalent, accelerated by a trend in which criminals personalized spam in an effort to make messages seem more credible. This jibes with research from Symantec subsidiary MessageLabs, which -- in its own year-end report -- highlighted an increase in direct targeting (via highly personalized spam) of businesses and organizations. Here as elsewhere, the goal is to pass a credibility threshold and entice a user into opening a malicious attachment or visiting a malicious Web site. To that end, the e-mail messages used in such attacks contain content that might reasonably be relevant to their intended recipients.

The report also focuses on botnets, which Cisco said have "become a nexus of criminal activity on the Internet." In 2008, especially, botnets (and, by implication, their operators) got more sophisticated, using a new kind of "IFrame" attack to inject malicious code into legitimate Web sites. Legitimate traffic is then redirected to illegitimate sites, where -- more often than not -- users are tricked into downloading malware.

Elsewhere, Cisco researchers singled out an increase in the use of social engineering (similar to targeted spam attacks that try to pass themselves off as legitimate) to trick users into opening files or visiting malicious Web links. This practice will continue to grow, according to Cisco, which warned that in 2009, "social engineering techniques will increase in number, vectors and sophistication."

Another intriguing social engineering-like attack is "reputation hijacking," where criminals use real e-mail accounts -- typically created with established Web mail providers -- to send spam. "'[R]eputation hijacking' offers increased deliverability because it makes spam harder to detect and block," the report noted, adding that in 2008 (per Cisco's own estimates) such traffic accounted for less than 1 percent of all spam worldwide but comprised 7.6 percent of all e-mail traffic carried by the top three Web mail providers.

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.

comments powered by Disqus

Featured

  • Mastering Blazor Authentication and Authorization

    At the Visual Studio Live! @ Microsoft HQ developer conference set for August, Rockford Lhotka will explain the ins and outs of authentication across Blazor Server, WebAssembly, and .NET MAUI Hybrid apps, and show how to use identity and claims to customize application behavior through fine-grained authorization.

  • Linear Support Vector Regression from Scratch Using C# with Evolutionary Training

    Dr. James McCaffrey from Microsoft Research presents a complete end-to-end demonstration of the linear support vector regression (linear SVR) technique, where the goal is to predict a single numeric value. A linear SVR model uses an unusual error/loss function and cannot be trained using standard simple techniques, and so evolutionary optimization training is used.

  • Low-Code Report Says AI Will Enhance, Not Replace DIY Dev Tools

    Along with replacing software developers and possibly killing humanity, advanced AI is seen by many as a death knell for the do-it-yourself, low-code/no-code tooling industry, but a new report belies that notion.

  • Vibe Coding with Latest Visual Studio Preview

    Microsoft's latest Visual Studio preview facilitates "vibe coding," where developers mainly use GitHub Copilot AI to do all the programming in accordance with spoken or typed instructions.

  • Steve Sanderson Previews AI App Dev: Small Models, Agents and a Blazor Voice Assistant

    Blazor creator Steve Sanderson presented a keynote at the recent NDC London 2025 conference where he previewed the future of .NET application development with smaller AI models and autonomous agents, along with showcasing a new Blazor voice assistant project demonstrating cutting-edge functionality.

Subscribe on YouTube