
Jane Austen lets the boogie man in: Cisco report

Mid-year security tally finds attackers using Sense and Sensibility

Hackers are hijacking Jane Austen in order to infiltrate your network. This is one of the findings of Cisco’s mid-year security report, which concludes that enterprises must close the time-to-detection gap lest they fall prey to increasingly sophisticated attackers.

And well-read. Authors of exploit kits are inserting text from Austen’s novel Sense and Sensibility into web landing pages in an effort to throw off antivirus programs. Security applications are more likely to view these pages as legitimate after “reading” the text, Cisco found.

One particular exploit kit was singled out as Public Enemy No. 1 for enterprises embarking on digitization and the Internet of Everything, and encountering the new attack vectors they present: the Angler Exploit Kit. Angler is one of the most widely used kits because it exploits Flash, Java, Internet Explorer and Silverlight vulnerabilities, Cisco says. It also evades detection by employing domain shadowing, in which attackers use users’ domain registration logins to create subdomains, sidestepping typical detection techniques like blacklisting of sites or IP addresses.

Flash exploits themselves are on the rise due to lack of automated patching and consumers (like me) who fail to update immediately. The number of reported Adobe Flash vulnerabilities increased by 66% in the first half of 2015, a record pace, Cisco says.

Other attack methods have become more sophisticated. Ransomware is now completely automated and ransoms are paid in cryptocurrencies, such as bitcoin, to conceal them from law enforcement. Dridex attackers rapidly change email content, user agents, attachments, or referrers to evade antivirus systems and launch new mutating malware campaigns.

To combat all threats, Cisco recommends closing the time-to-detection gap, from 100 to 200 days down to two days. This can be achieved, the vendor says, through an integrated threat defense architecture, professional services, and a “collaborative, multi-stakeholder” global cyber governance framework.

And maybe some antivirus tools that can read between the lines of Jane Austen novels.

Follow all Cisco Subnet bloggers on Twitter. Jim Duffy on Twitter