Welcome!

Cognitive Computing Authors: Liz McMillan, Pat Romanski, Elizabeth White, Yeshim Deniz, Zakia Bouachraoui

Related Topics: Cognitive Computing , @CloudExpo

Cognitive Computing : News Item

Cisco Report Shows Security Threats 'Are Getting Down to Business'

2009 Midyear Edition Reveals Online Criminals Are Using SaaS, Partnerships, Other Enterprise Strategies to Conduct Attacks

Cisco has released the Cisco® 2009 Midyear Security Report, which shows that Internet criminals are increasingly operating like successful businesses, borrowing some of the best strategies from legitimate companies and forming partnerships with one another to help make their illegal activities more lucrative.

The midyear edition outlines some of the most common technical and business strategies that criminals use to breach corporate networks, compromise Web sites, and steal personal information and money. In the report, Cisco offers recommendations for protecting against some of the newer types of attacks that have surfaced recently, recommendations that incorporate people, processes and technology as a holistic risk management solution. The report also advises heightened vigilance against some "old school" approaches that are just as sophisticated and prevalent as newer threats.

Highlights

  • The Conficker worm, which began infecting computer systems late last year by exploiting a Windows operating system vulnerability, continues to spread. Several million computer systems were under Conficker's control as of June 2009.

  • Online criminals are up on current events and making the most of them. After the outbreak of H1N1 influenza ("swine flu") in April, cybercriminals quickly blanketed the Web with spam that advertised preventive drugs and linked to fake pharmacies. Cybercriminals will often seize on major news events to launch this type of attack. While many spammers continue to operate with extremely high volumes, some are opting for lower-volume but more frequent attacks in an effort to remain under the radar.

  • President Barack Obama has made strengthening U.S. cybersecurity a high priority for his administration and looks to work with the international community and the private sector to leverage technology innovations to reduce cybercrime. This focus is expected to have a significant positive impact for the industry in the coming months. John N. Stewart, Cisco's chief security officer and a contributor to the Center for Strategic and International Studies (CSIS) report for the Obama administration, provided additional insight in a recent blog and video blog post.

Specific Threats

  • Botnets. These networks of compromised computers serve as efficient means of launching an attack. Increasingly, botnet owners are renting out these networks to fellow criminals, effectively using these compromised resources to deliver spam and malware via the software-as-a-service (SaaS) model.

  • Spam. One of the most established ways to reach millions of computers with legitimate sales pitches or links to malicious Web sites, spam remains a major vehicle for spreading worms and malware, as well as for clogging Internet traffic. A staggering 180 billion spam messages are sent each day, representing about 90 percent of the world's e-mail traffic.


  • Worms. The rise of social networking has made it easier to launch worm attacks. People engaging in these online communities are more likely to click links and download content they believe were sent by people they know and trust.

  • Spamdexing. Many types of businesses use search engine optimization to be listed more prominently in searches conducted on Google and other sites. Spamdexing, which packs a Web site with relevant keywords or search terms, is increasingly being used by cybercriminals seeking to disguise malware as legitimate software. Because so many consumers tend to trust rankings on leading search engines, they may readily download one of the fake software packages.

  • Text message scams. Since the start of 2009 at least two or three new campaigns have surfaced every week targeting handheld mobile devices. Cisco describes the rapidly growing mobile device audience as a "new frontier for fraud irresistible to criminals." With some 4.1 billion mobile phone subscriptions worldwide, a criminal may cast an extraordinarily wide net and still walk away with a nice profit, even if the attack yields only a small fraction of victims.

  • Insiders. The global recession has caused many job losses. As a result, insider threats are an increasing concern for businesses in the months ahead. Insiders who commit fraud can be contractors or other third parties as well as current and former employees.

More Stories By Security News Desk

SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

IoT & Smart Cities Stories
SYS-CON Events announced today that Silicon India has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Published in Silicon Valley, Silicon India magazine is the premiere platform for CIOs to discuss their innovative enterprise solutions and allows IT vendors to learn about new solutions that can help grow their business.
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5–7, 2018, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buye...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
"IBM is really all in on blockchain. We take a look at sort of the history of blockchain ledger technologies. It started out with bitcoin, Ethereum, and IBM evaluated these particular blockchain technologies and found they were anonymous and permissionless and that many companies were looking for permissioned blockchain," stated René Bostic, Technical VP of the IBM Cloud Unit in North America, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventi...
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use of real time applications accelerate, legacy networks are no longer able to architecturally support cloud adoption and deliver the performance and security required by highly distributed enterprises. These outdated solutions have become more costly and complicated to implement, install, manage, and maintain.SD-WAN offers unlimited capabilities for accessing the benefits of the cloud and Internet. ...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost and risk of entering new markets has leveled the playing field for business. Today, any ambitious innovator can easily introduce a new application or product that can reinvent business models and transform the client experience. In their Day 2 Keynote at 19th Cloud Expo, Mercer Rowe, IBM Vice President of Strategic Alliances, and Raejeanne Skillern, Intel Vice President of Data Center Group and G...
DXWorldEXPO LLC announced today that All in Mobile, a mobile app development company from Poland, will exhibit at the 22nd International CloudEXPO | DXWorldEXPO. All In Mobile is a mobile app development company from Poland. Since 2014, they maintain passion for developing mobile applications for enterprises and startups worldwide.
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.