It’s a hacker’s world. Hackers are getting more innovative while many IT departments are falling behind, according to a new study. But the news isn’t all grim. The same report finds that education and available technology could allow lagging departments to guard against more of the threats.
The findings are in the Cisco 2015 Midyear Security Report, which finds cybercriminals are getting ever more innovative to evade detection. System managers who don’t take the evolving threats seriously run a significant risk of having compromised networks without even knowing it. Cisco is a Council Lead Partner.
One of the biggest risks is not knowing what you don’t know. Ready to gauge your security IQ? Take Cisco’s cybersecurity quiz. Here are a few highlights.
How long would it take to discover your system is compromised?
You would know the moment your system was compromised, right? The answer is likely not. Cisco finds that attackers are devoting significant effort to coming up with new threats that evade detection. And the response from IT departments?
“It is sobering to note that our Midyear Security Report confirms that the security industry is just not keeping pace with the attackers,” said John Stewart, senior vice president and chief security and trust officer for Cisco.
So how long could your systems be infected before you would even know it? Cisco says the industry standard time-to-detection can be more than six months. Cisco’s Advanced Malware Protection can cut that to about 41 days.
Security threats operate in obvious ways, right?
Do you think an experienced security professional would be able to immediately spot the work of a cybersecurity breach? Remember evasion is the theme of the latest attacks.
One threat uses passages from a well-known novel –- we won’t tell you which one; it’s an answer to a quiz question -– to make most of the Internet traffic it generates appear legitimate. Another writes 960 million bytes of random data to memory to distract you from the real work it’s doing quietly in the background.
What is domain shadowing?
Domain shadowing isn’t a new concept, but its use by cybercriminals has been growing steadily this year. It involves using the credentials of a domain name registrant to set up new subdomains that point to compromised servers.
And there is one single threat that has been responsible for about 75% of all domain shadowing activity so far this year.
There is hope
Cisco says the threats are serious, but there is plenty IT departments can do once they understand the magnitude of them and what they can do about them. The company says its own Advance Malware Protection alone blocks nearly 20 billion threats each day.
Experts say it’s important that cybersecurity efforts are front-and-center –- not an afterthought. And while it’s common to have a variety of security solutions running, IT departments need to give serious thought about integrating them. When they individually run in isolation they’re far less effective.
Finally, when there’s a security update available, install it. Cisco finds that even some IT managers are complacent about installing them, providing a gaping hole that cybercriminals can slip through undetected for months.
###
Kevin Ebi is a staff writer and social media coordinator for the Council. Follow @smartccouncil on Twitter.
More stories …
Get smart about your city's data security with 4 steps you can take today
Is your city prepared for a security breach? If not, it could cost you millions
Cities at risk: 5 that were victims of cyber attacks
