Cisco's annual security report offers grim outlook for 2014

Cisco's annual security report offers grim outlook for 2014

Summary: Cisco's 2014 security forecast eerily suggests that the massive security breach at Target was just the beginning.

SHARE:
securitylock

The exponential growth for mobile and cloud technologies over the last few years matched by a gap in skilled security professionals to manage these platforms is providing cyber criminals with unimaginable opportunities, based on the Cisco's 2014 Annual Security Report.

Despite ever-present and rampant headlines about security, from somewhat simple phishing to wide-scale attacks as seen with Target, Cisco researchers still suggest that we could be facing "unprecedented growth" for advanced malicious attacks in the coming year.

To be fair, maybe one year ago (or even a few months ago) it would have been hard to predict that cyber criminals could have lifted sensitive personal data from point-of-sale hardware on more than 70 million people -- close to one-third of the U.S. population -- at one major retail chain.

Nevertheless, that's what happened, so it's quite possible we have no idea what is in store for us next.

But to understand how to prepare, perhaps it's best to review how we got here. Here are a few of the contributing factors, according to Cisco:

  • Advanced mobile devices come with plenty of fantastic abilities and can save so much time and money in the long run -- but given how new they are, they also come with "unanticipated weaknesses and inadequately defended assets."
  • Cyber criminals are increasingly targeting Internet infrastructures "with the goal of proliferating attacks across legions of individual assets served by these resources."
  • Organized cyber crime is getting, well, more organized, with more fine-tuned motivations: public vs. private sector, financial rewards vs. inflicting damage on reputations.
  • Looking closer at mobile, approximately 99 percent of all malware targets Android. But Java is the most exploited programming language.
  • Malware is also being more directed toward oil, gas, and energy companies.
  • Based on a sample of 30 of the world's largest Fortune 500 company networks, 100 percent of them generated visitor traffic to Web sites that host malware.

John N. Stewart, senior vice president and chief security officer for threat response intelligence and development, acknowledged in the report that these observations collectively "paint a grim picture."

Regardless, he stressed that "to truly protect against all of these possible attacks, defenders must understand the attackers, their motivations and their methods – before, during and after an attack."

Topics: Security, Big Data, Cisco, Networking, Privacy

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • Of course, using a more secure point-of-sale device

    is not a listed option...
    jessepollard
    • ?

      Option for what? This wasn't a list of things that could be done.
      jhnnybgood
      • last paragraph

        "to truly protect against all of these possible attacks, defenders must understand the attackers, their motivations and their methods – before, during and after an attack"

        no mention of using a more secure platform.
        jessepollard
  • Before Methods

    Motivations are well understood, money. Understanding methods before is almost infinite. Effort needs to be put into plugging holes we understand but detecting the attack during it is just as important. I feel that to little effort is put into detecting an attack when it is first started. Security experts are often in denial and feel that what they have done will stop everything. They are often not will to react fast enough when all there work fails.
    MichaelInMA