Hackers are hijacking Jane Austen in order to infiltrate your network. This is one of the findings of Cisco’s mid-year security report, which concludes that enterprises must close the time-to-detection gap lest they fall prey to increasingly sophisticated attackers.
And well-read. Authors of exploit kits are inserting text from Austen’s novel Sense and Sensibility into web landing pages in an effort to throw off antivirus programs. Security applications are more likely to view these pages as legitimate after “reading” the text, Cisco found.
One particular exploit kit was singled out as Public Enemy No. 1 for enterprises embarking on digitization and the Internet of Everything, and encountering the new attack vectors these present: the Angler Exploit Kit. Angler is one of the most widely used kits because it exploits Flash, Java, Internet Explorer and Silverlight vulnerabilities, Cisco says. It also evades detection by employing domain shadowing, in which attackers use users’ domain registration logins to create subdomains, sidestepping typical detection techniques like blacklisting of sites or IP addresses.
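A detection-side sketch of the domain shadowing pattern described above, added here as an example and not taken from Cisco's report or tooling: it groups DNS records by registered domain and flags clusters of subdomains that resolve outside the network of the domain's own apex record. The record format, the two-label registered-domain shortcut, the /24 grouping and the `min_hosts` threshold are all assumptions, and the sample records are constructed.

```python
from collections import defaultdict
from ipaddress import ip_network

# Constructed passive-DNS style records (hostname, resolved IPv4). Not real data.
RECORDS = [
    ("example-shop.test", "198.51.100.10"),
    ("www.example-shop.test", "198.51.100.10"),
    ("mail.example-shop.test", "198.51.100.11"),
    ("qzx81.example-shop.test", "203.0.113.77"),
    ("k2v9a.example-shop.test", "203.0.113.77"),
    ("r7mmp.example-shop.test", "203.0.113.78"),
    ("example-news.test", "192.0.2.20"),
    ("blog.example-news.test", "192.0.2.20"),
    ("cdn.example-news.test", "203.0.113.5"),  # single off-network host, e.g. a CDN
]

def registered_domain(host):
    # Assumption: last two labels form the registered domain.
    # Production code should consult the Public Suffix List instead.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def net24(ip):
    # Group addresses by /24 as a rough stand-in for "same hosting network".
    return ip_network(f"{ip}/24", strict=False)

def shadowing_candidates(records, min_hosts=3):
    """Return {domain: {foreign_net: [subdomains]}} for suspicious clusters."""
    apex_nets = defaultdict(set)                  # networks the apex resolves into
    subs = defaultdict(lambda: defaultdict(set))  # domain -> network -> subdomains
    for host, ip in records:
        host = host.lower().rstrip(".")
        dom = registered_domain(host)
        if host == dom:
            apex_nets[dom].add(net24(ip))
        else:
            subs[dom][net24(ip)].add(host)
    findings = {}
    for dom, by_net in subs.items():
        for net, hosts in by_net.items():
            # Blacklisting the parent domain or its IP misses these hosts, so
            # look for several subdomains sharing a network the apex never uses.
            if net not in apex_nets[dom] and len(hosts) >= min_hosts:
                findings.setdefault(dom, {})[str(net)] = sorted(hosts)
    return findings

if __name__ == "__main__":
    for dom, nets in shadowing_candidates(RECORDS).items():
        print(dom, nets)
```

The threshold keeps a lone off-network host such as a CDN alias from being flagged; a domain with no observed apex record has no baseline here and should be reviewed separately.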
Flash exploits themselves are on the rise due to lack of automated patching and consumers (like me) who fail to update immediately. The number of reported Adobe Flash vulnerabilities increased by 66% in the first half of 2015, a record pace, Cisco says.
Other attack methods have become more sophisticated. Ransomware is now completely automated and ransoms are paid in cryptocurrencies, such as bitcoin, to conceal them from law enforcement. Dridex attackers rapidly change email content, user agents, attachments, or referrers to evade antivirus systems and launch new mutating malware campaigns.
To combat all threats, Cisco recommends shrinking the time-to-detection gap from 100 to 200 days down to two days. This can be achieved, the vendor says, through an integrated threat defense architecture, professional services, and a “collaborative, multi-stakeholder” global cyber governance framework.
And maybe some antivirus tools that can read between the lines of Jane Austen novels.