The Cisco 2015 Midyear Security Report has been released and reveals cyber criminals remain one step ahead of many businesses.
Angler, Rombertik, Adware MultiPlug, and Dridex were the four most well-known examples of cyber attackers using increasingly sophisticated malware to target their victims.
The Angler exploit kit has agility as one of its main strengths and has successfully used vulnerabilities in Flash, Java, Internet Explorer and Silverlight to compromise online users. It continually throws out “hooks” to increase its effectiveness and is able to generate fake landing pages that resemble normal websites. In terms of success rate, 40 per cent of individuals that encounter an Angler landing page become compromised.
In many cases, attackers benefit from the gap between a vulnerability being discovered and a patch being issued. A recent example is the crucial Adobe Flash upgrade that was issued earlier this month after security researchers at Hacking Team identified the issue.
"In a world where the compromise of users and systems is both assured and assumed, detection of evasive threats is obviously a necessary focus for organisations and security teams," explains the Cisco report. "The innovation race between adversaries and security vendors is only accelerating, and organisations are at risk of becoming more vulnerable to attack if they sit back and watch."
The report highlights that the time taken between observing a file and detecting a threat contained within it is so long that attackers are easily able to develop exploits. Detection time ranges between 100 and 200 days – a time frame that will surely have to shorten if more cyber attacks are to be thwarted.
Ransomware also features heavily in the report, which involves a victim's files being encrypted until a fee is paid to the attackers.
George Anderson, Director at Webroot, commented: "With ransomware the solution is simple: if nobody paid then these scams would simply not work. A good, offline back-up solution is the most powerful tool in the fight against ransomware. This can be done manually through an external hard disk or automatically by some anti-virus software.
"Ideally, both would be used as we’re all guilty of forgetting to back-up files, but online software would do this automatically. This then gives the infected user the ability to restore their device to its original state without succumbing to the malware publishers."
Malware that steals personal information, as with Rombertik and Dridex, was also prevalent across the first six months of 2015.