View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Weak links in enterprises offer window of opportunity to hackers, Cisco warns

‘Man-in-the-Browser’ turns out to be a major risk for enterprises.

By CBR Staff Writer

Weak links including outdated software, bad code, abandoned digital properties, or user errors could offer an opportunity to hackers to exploit them, the latest Cisco 2014 Midyear Security Report warned.

According to Cisco, ‘Man-in-the-Browser’ turns out to be a major risk for enterprises, with 94% of customer networks found to have traffic towards websites hosting malware.

There were several cases of networks being misused or compromised with botnets using DDNS to modify their IP address to avoid detection/blacklist, with 70% networks delivering DNS queries for Dynamic DNS Domains.

About 44% of consumer networks were issuing DNS requests for sites and domains using tools that offer encrypted channel services, hosted by malicious actors to cover up their tracks by exfiltrating information via encrypted channels to hide detection such as VPN, SSH, SFTP, FTP, and FTPS.

Cisco senior VP and chief security officer John Stewart said: "Many companies are innovating their future using the Internet.

"To succeed in this rapidly emerging environment, executive leadership needs to embrace and manage, in business terms, the associated cyber risks.

"Analysing and understanding weaknesses within the security chain rests largely upon the ability of individual organisations, and industry, to create awareness about cyber risk at the most senior levels, including Boards — making cybersecurity a business process, not about technology.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

"To cover the entire attack continuum — before, during, and after an attack — organizations today must operate security solutions that operate everywhere a threat can manifest itself."

However, there was an 87% drop in the number of exploit kits, since detaining of alleged creator of the Blackhole last year, the report claims.

Java still remained as a key programming language to be exploited by malicious actors, with 93% rise in number all indicators of compromise (IOCs) as of May 2014, in the wake of a high point of 91% of IOCs in November 2013.

The pharmaceutical and chemical industry again topped the list of high-risk industries for web malware infection during the first half of 2014, while the media and publishing led the industry verticals.

Regionally, media and publishing were highly affected in the Americas; food and beverage in Africa, Europe and the Middle East; and insurance in Asia-Pacific, China, Japan and India.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.