Huge shortage of cyber-defenders as threat levels ‘highest since records began’, Cisco report warns

The threat of cyber attacks has hit its highest level since records begain in May 2000, and cybercrime is now a global network that is “mature, far-reaching, well-funded, and highly effective as a business operation,” according to Cisco’s Annual Security Report.

Cisco claims in its report that there is a worldwide shortage of professionals able to defend against such attacks, with new technologies in malware meaning that there is a shortfall of a million IT professionals globally, according to NDTV’s report.

Every single one of the networks analyzed by Cisco – from Fortune 500 companies – had traffic going to known malware threat sites, based on data collected by security products.

“To truly protect against all of these possible attacks, defenders must understand the attackers, their motivations and their methods before, during and after an attack,” Cisco Threat Response Intelligence chief John Stewart told NDTV, describing the level of threats as “startling”.

A test on 30 Fortune 500 companies found that 100% were fooled into visiting “booby-trapped” websites. Video analysis by Cisco’s Senior Vice President John Stewart can be found here.

New technologies are providing cybercriminals with new means of attack, the report warns, saying, “New ways of doing business, such ascloud computing and mobile computing, are rapidly expanding the attack surface.”

There has been huge growth in malware targeting mobile systems, with 99% of such malware targeting Android, the report said.

“Cybercriminals have myriad inroads to the network. Quite often, they also have a very easy path from there to the ultimate destination: the data center, where high-value information resides.”

ABC News says that Cisco describes much of the malware used to target companies as “weapons grade”, and that sectors such as agricultuture and mining have come under increasing attack.

“Simple attacks that caused containable damage have given way to organised cybercrime operations that are sophisticated, well-funded, and capable of significant economic and reputational damage to public and private sector victims,” the report warns.

“These infrastructure-scale attacks seek to gain access to strategically positioned web hosting servers, name servers and data centres with the goal of proliferating attacks across legions of individual assets served by these resources. By targeting internet infrastructure, attackers undermine trust in everything connected to or enabled by it.”

Cisco points out in a blog post that attacks still rely on social engineering, and abuse of trust, saying, “We also expect adversaries to continue designing campaigns that take advantage of users’ trust in systems, applications, and the people and businesses they know.”

“It’s an effective strategy. How do we know? Because 100 percent of the networks analyzed by Cisco have traffic going to known malware threat sites, and there is no doubt that the vast majority of those compromises relied initially on some abuse of trust.”