A new report has revealed that organisations need to reduce the time it takes to identify cyber threats in order toprevent attack from Flash, ransomware, and the Dridex mutating malware campaign.
The Csico report highlights the need for retrospective analysis to reduce time to detection (TTD) in order to remediate against sophisticated attacks by threat actors.
The lack of automated or regular patching is increasing exploits of Adobe Flash vulnerabilities, which are integrated into the Angler and nuclear exploit kits, the report claims.
There was a 66% rise in the number of Adobe Flash Player vulnerabilities reported by the Common Vulnerabilities and Exposure (CVE) system in the first six months of this year, compared with the whole of 2014.
Angler is one of the most sophisticated and widely used exploit kits due to its innovative use of flash, java, internet explorer and silverlight vulnerabilities.
It also uses an evasion technique known as domain shadowing to prevent detection.
Hackers continue to release new variants with the help of ransomware operations, which are completely automated and undertaken via the dark web.
Content from our partners
Cisco said ransoms are paid in cryptocurrencies like bitcoin to hide payment transactions from law enforcement
According to the report, the creators of rapidly mutating Dridex campaigns have a sophisticated understanding of evading security measures.
Attackers quickly change the emails’ content, user agents, attachments or referrers, and launch new campaigns as part of their plans. It will force traditional antivirus systems to detect them anew.
Cisco said the report’s findings highlight the need for businesses to deploy integrated security systems instead of point products, work with trustworthy vendors and enlist security services providers for guidance and assessment.
In addition, Cisco said geopolitical experts have declared that a worldwide cyber governance framework is required for sustaining economic growth.
Cisco senior vice president, chief security and trust officer John Stewart said: "Organisations cannot just accept that compromise is inevitable, even if it feels like it today.
"The technology industry must up the game and provide reliable and resilient products and services, and the security industry must provide vastly improved, yet meaningfully simplified, capabilities for detecting, preventing, and recovering from attacks."
