Increase cyber-sec agility, Cisco urges UAE orgs
Threat report highlights need to decrease time to detection
UAE enterprises need to take steps to speed up detection of cyber-incursions and remedial measures taken in their aftermath, Cisco warned today.
The infrastructure company's Midyear Security Report reveals that cyber-attacks are becoming more sophisticated than ever and urges organisations to decrease time to detection (TTD) so clean-up can become more effective.
Among the report's findings are criminals' renewed use of Microsoft Office macros; new risks for specific industry verticals; and the emergence of new detection-evasion strategies.
The report includes updates on spam, threat alerts, Java exploits, and malvertising. In particular, it notes that exploits of Adobe Flash vulnerabilities continue to grow in number and are regularly integrated into widely used exploit kits such as Angler and Nuclear. Cisco drew attention to Angler as the "leading" exploit kit "in terms of overall sophistication and effectiveness".
"The Angler Exploit Kit represents the types of common threats that will challenge organisations as the digital economy and the Internet of Everything (IoE) create new attack vectors and monetisation opportunities for adversaries," Cisco said in a statement.
Cyber-crime continues to be big business. Operators of crime-ware, like ransomware, are hiring and funding professional development teams to help them make sure their tactics remain profitable. Criminals are turning to the anonymous web network Tor and the Invisible Internet Project (I2P) to relay command-and-control communications while evading detection.
"Organisations in the UAE cannot just accept that compromise is inevitable, even if it feels like it today," said Rabih Dabboussi, general manager, Cisco UAE. "The technology industry must up the game and provide reliable and resilient products and services, and the security industry must provide vastly improved, yet meaningfully simplified, capabilities for detecting, preventing, and recovering from attacks."