Malicious hackers are regularly exploiting lesser-known vulnerabilities while organisations focus on the threats posed by high-profile “boldface” vulnerabilities, Cisco Systems has warned as it releases a 2014 Midyear Security Report (MSR) that shows Asia-Pacific companies are far more likely to encounter malware than colleagues in other geographies.
The report analysed malware attacks by vertical industry and found that companies in the Asia-Pacific region (including Japan and China) were more likely to encounter malware if they were engaged in industries including Automotive; Clubs & Organisations; Banking & Finance; Energy, Oil & Gas; Insurance; Manufacturing; Pharmaceutical & Chemical; Real Estate and Land Management; and Transportation & Shipping.
Regional insurance companies, for example, were pegged at a malware rate some 560 percent higher than the baseline – nearly twice the 300 percent figure for Europe and the Middle East and five times the rate in the Americas. This was an “unusual” uptick, Cisco Systems associated program executive Bryce Baker noted.
Aviation companies were the most heavily skewed industry in Cisco's results, with airlines in the Americas dealing with malware at around 680 percent above baseline – compared with around 35 percent of baseline in the Asia-Pacific region.
iframe attacks were the most common form of exploit, followed by scams, phishing and click fraud.
Cisco's analysis also aggregated malware reports and found that fully 94 percent of customers networks scrutinised this year have traffic going to Web sites known to host Palevo, SpyEye, and Zeus malware.
Some 70 percent were found issuing DNS queries for Dynamic DNS domains, which can be used to mask source IP addresses. Furthermore, 44 percent of the networks made DNS requests for encrypted services that allow users to cover their tracks online using the likes of VPN, SSH, SFTP, FTP and FTPS.
The report also observed an 87 percent decline in the use of exploit kits, which have become less widely utilised ever since the creator of the popular Blackhole exploit kit was arrested last year. Several new exploit kits observed in the first half of this year “were trying to move in on territory once dominated by the Blackhole exploit kit,” Baker notes, “but a clear leader has yet to emerge.”
This article is brought to you by Enex TestLab, content directors for CSO Australia.
Have you registered yet to hear from Richard Thieme, Fran Trentley, CERT Australia, NBN Co, telstra, Women in IT security, Craig Davies and many more... No then Register your seat today not many left
Earn CPE credits and recieve the book "Mind Games"signed by the author as well on the day.