Cisco study finds unprecedented growth in threats

Annual Security Report says overall vulnerabilities have reached highest level since 2000

Cisco says there's been an unprecedented growth in advanced attacks and malicious traffic on networks, with overall vulnerabilities and threats reaching their highest levels since 2000. This is one of the findings in Cisco's 2014 Annual Security Report issued this week.

As of Oct. 2013, cumulative annual alert totals increased 14% from 2012. All of the 30 multinational companies in Cisco's survey sample generated visitor traffic to Web sites that host malware, and 96% of them communicated with hijacked servers.

Ninety-two percent of them sent traffic to Web sites without content, which Cisco says typically host malicious activity.

+MORE ON NETWORKWORLD: Cisco: Thousands of web hosting centers now launchpads for attacks+

The pharmaceutical and chemical industries, and the electronics manufacturing industry have historically had high malware encounter rates but the last two years saw "remarkable growth" in malware encounters for the typically low-risk agriculture and mining industry sectors. Malware encounters also continued to rise in the energy, oil and gas sectors, the Cisco study found.

Multipurpose Trojans were the most frequently encountered web-delivered malware in 2013. Data theft Trojans, such as password stealers and backdoors, made up 22% of total web malware encounters. A 30% drop in unique malware hosts and IP addresses between Jan. 2013 and Sept. 2013 indicate that malware is being concentrated in fewer hosts and fewer IP addresses, according to the Cisco report.

Java continues to be the most frequently exploited programming language targeted by online criminals. Java exploits make up 91% of Indicators of Compromise, Cisco says.

Distributed Denial of Service attacks have increased in both volume and severity, the Cisco report found. And 99% of all mobile malware targeted Android devices, with Andr/Qdplugin-A the most frequently encountered mobile malware arriving in repackaged copies of legitimate apps distributed by non-official marketplaces.

More from Cisco Subnet:

SDN in 2014: More of Everything

Cisco sees SDN, Internet of Things in its 2014 crystal ball

2013: The 12 months of Cisco

The illustrious history of Cisco's Catalyst LAN switches

Cisco leads cloud infrastructure again

Cisco counting on Glue for stickiness

Microsoft era ending at Juniper

Cisco wraps Insieme, works on UCS 2.0

Cisco has this SDN thing covered

10 things we learned -- or didn't -- from Cisco's Insieme launch

Follow all Cisco Subnet bloggers on Twitter.Jim Duffy on Twitter


Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: 10 new UI features coming to Windows 10