A new report published by Cisco (NASAQ:CSCO) indicates the rapid development of cyberthreats and “increasing magnitude of attacks” has led researchers to predict the potential “destruction of service” (DeOS) attacks.
Released on Thursday (July 20), the organization’s report, titled “The Cisco® 2017 Midyear Cybersecurity Report (MCR),” looks at the latest threat intelligence compiled by Cisco Collective Security Intelligence and provides industry insights and cybersecurity trends for the first half of 2017–leading to what they they call the DeOS.
For example, the report states that the WannaCry and Nyeta attacks “show the rapid spread and wide impact of attacks that look like ransomware but are actually more destructive,” which Cisco foreshadows as the DeOS attacks.
As Cisco reports, such attacks are more damaging than traditional attacks, which makes it impossible for businesses to recover the compromised data.
“The Internet of Things continues to offer new opportunities for these attackers, and its security weaknesses, ripe for exploitation, will play a central role in enabling these campaigns with escalating impact,” Cisco states.
“As recent incidents like WannaCry and Nyetya illustrate, our adversaries are becoming more and more creative in how they architect their attacks,” Steve Martino, vice president and chief information security officer of Cisco said, “While the majority of organizations took steps to improve security following a breach, businesses across industries are in a constant race against the attackers.”
Martino continued, stating that “security effectiveness” begins with making security a “business priority.”
That said, Cisco says other “traditional attacks” are seeing a resurgence, such as:
- An increase in spam, such as email to distribute malware and generate revenue;
- Spyware and adware, which are other forms of malware that continue to be threats. Over a four-month period, Cisco states it had research sampled roughly 300 companies and discovered that three common spyware threats infected 20 percent of those companies; and
- Evolutions in ransomware, including the Ransomware-as-a-Service making it easier for any type of criminal to carry out the attacks.
Still–all hope isn’t lost when it comes to businesses and organizations protecting themselves against savvy attackers.
First, Cisco states companies should make sure their infrastructure and applications are always kept current so hackers can’t “exploit publicly known weaknesses.” Next, the firm says it’s important to battle complexity through an integrated defense. Third, to ensure that executive leadership understands the risks rewards, and budgetary constraints. Then, examine employee security training with “role based trainings vs. one-size-fits all.” Finally, Cicso says it’s important for organizations to balance defense with an “active response.”
Looking ahead, in terms of overall investments in the cybersecurity industry, it’s estimated the sector will be worth over $230 billion by 2022, according to Markets and Markets. The research firm states that contributing factors include strict data protection derivatives and cyber terrorism.
“The cybersecurity market is growing rapidly because of the growing security needs of the Internet of Things (IoT) and Bring Your Own Device (BYOD) trends,” as well as increased deployment of web and cloud-based business applications.
Don’t forget to follow us @INN_Technology for real-time news updates!
Securities Disclosure: I, Jocelyn Aspa, hold no direct investment interest in any company mentioned in this article.