Cisco Warns of Increasing Attack Sophistication

Cisco Systems Inc. this week released the 2008 edition of its Cisco Annual Security Report, a summary of the state-of-the-art in network security, as well as a look at the threats ahead.

The report highlighted the increasing sophistication of Internet-based attacks, largely because cyber-criminals themselves are becoming increasingly sophisticated. Indeed, the Cisco report noted, there's a sense in which cyber-criminals are becoming professional and increasingly focused on profit-making -- as opposed to mischievous, malicious or destructive -- activities.

"Every year, we see threats evolve as criminals discover new ways to exploit people, networks and the Internet. This year's trends underscore how important it is to look at all basic elements of security policies and technologies," said Patrick Peterson, Cisco fellow and chief security researcher, in a statement that accompanied the report's release. "Organizations can lower their risk of data loss by fine-tuning access controls and patching known vulnerabilities to eliminate the ability for criminals to exploit holes in infrastructures. It is important to upgrade applications, endpoint systems and networking equipment to help ensure that corporate systems run smoothly and minimize risk."

The report singled out the threat posed by spam, which Cisco researchers said accounts for 200 billion messages -- or about 90 percent -- of daily e-mail traffic. The U.S. is the biggest overall producer of spam (generating more than 17 percent), followed by Turkey (9.2 percent), Russia (8 percent), Canada (4.7 percent), Brazil (4.1 percent), India (3.5 percent) and Poland (3.4 percent).

Cisco researchers also expect that targeted spear-phishing -- which today accounts for about 1 percent of all phishing attacks -- will become more prevalent, accelerated by a trend in which criminals personalized spam in an effort to make messages seem more credible. This jibes with research from Symantec subsidiary MessageLabs, which -- in its own year-end report -- highlighted an increase in direct targeting (via highly personalized spam) of businesses and organizations. Here as elsewhere, the goal is to pass a credibility threshold and entice a user into opening a malicious attachment or visiting a malicious Web site. To that end, the e-mail messages used in such attacks contain content that might reasonably be relevant to their intended recipients.

The report also focuses on botnets, which Cisco said have "become a nexus of criminal activity on the Internet." In 2008, especially, botnets (and, by implication, their operators) got more sophisticated, using a new kind of "IFrame" attack to inject malicious code into legitimate Web sites. Legitimate traffic is then redirected to illegitimate sites, where -- more often than not -- users are tricked into downloading malware.

Elsewhere, Cisco researchers singled out an increase in the use of social engineering (similar to targeted spam attacks that try to pass themselves off as legitimate) to trick users into opening files or visiting malicious Web links. This practice will continue to grow, according to Cisco, which warned that in 2009, "social engineering techniques will increase in number, vectors and sophistication."

Another intriguing social engineering-like attack is "reputation hijacking," where criminals use real e-mail accounts -- typically created with established Web mail providers -- to send spam. "'[R]eputation hijacking' offers increased deliverability because it makes spam harder to detect and block," the report noted, adding that in 2008 (per Cisco's own estimates) such traffic accounted for less than 1 percent of all spam worldwide but comprised 7.6 percent of all e-mail traffic carried by the top three Web mail providers.

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.


  • Nvidia Buys Chip Maker Arm for $40 Billion

    Nvidia has entered into a "definitive agreement" to acquire U.K.-based chip design company Arm Ltd. from the SoftBank Group in a stock-and-cash deal valued at $40 billion.

  • The 2020 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generations of .NET and PowerShell, here's what's on tap from Microsoft this year.

  • Oracle, Not Microsoft, Wins TikTok Buyout Bid

    Oracle's proposal to acquire TikTok's U.S. social media operations emerged victorious over the weekend, putting an end to Microsoft's competing buyout bid.

  • Microsoft Making Progress on Windows Virtual Desktop

    A recent "Desktops in the Cloud" podcast chat gives some insight into Microsoft's progress on its Windows Virtual Desktop (WVD) service.