SAN JOSE, Calif. – Internet-based attacks are becoming increasingly sophisticated and specialized as profit-driven criminals continue to hone their approach to stealing data from businesses, employees and consumers, according to a recently released security report from Cisco.
In the 2008 edition of the Cisco Annual Security Report, the company
identifies the year’s top security threats and offers recommendations
for protecting networks against attacks that are propagating more
rapidly, becoming increasingly difficult to detect, and exploiting
technological and human vulnerabilities.
"Every year we see threats evolve as criminals discover new ways to
exploit people, networks and the Internet. This year’s trends
underscore how important it is to look at all basic elements of
security policies and technologies," said Patrick Peterson, Cisco
fellow and chief security researcher. "Organizations can lower their
risk of data loss by fine-tuning access controls and patching known
vulnerabilities to eliminate the ability for criminals to exploit holes
in infrastructures. It is important to upgrade applications, endpoint
systems and networking equipment to help ensure that corporate systems
run smoothly and minimize risk."
The overall number of disclosed vulnerabilities grew by 11.5 percent
over 2007, while vulnerabilities in virtualization technology nearly
tripled from 35 to 103 year over year. Cisco researchers saw a 90
percent growth in threats originating from legitimate domains, nearly
double what was seen in 2007. However, the volume of malware
successfully propagated via e-mail attachments is declining. Over the
past two years (2007-2008), the number of attachment-based attacks
decreased by 50 percent from the previous two years (2005-2006).
To access the free report, visit www.cisco.com/go/securityreport.