There is no preparation without execution
( MASTERCOMPUTERS )
HOME ABOUT US NIGERIA CONTACT US RESOURCES TRAINING E-LEARNING CERTIFICATION   SITEMAP HELP

promo>>> The one and only IT Entrepreneur Guide - Start Your New IT Business!

Cisco 2009 Midyear Information Security Report

 

1 Aug 2009 - Cisco’s security intelligence team has released Cisco’s midyear security report for 2009. The report is based on Cisco’s findings and views on threats and trends from beginning till mid 2009. The report presented by Cisco as “An update on global security threats and trends” includes data on new threats, observations and forecasts for information security in the future.

 

Cisco states that “The Cisco Midyear Security Report presents an overview of Cisco security intelligence, highlighting threat information and trends from the first half of 2009. The report also includes recommendations from Cisco security experts and predictions of how identified trends will evolve”.

 

More Sophisticated

According to the report though attacks are becoming “more sophisticated and targeted”, collaboration as well as enhanced security policies is not only making it possible for attacks to succeed and spread, but prosecution of attackers is being enabled.

The report states that criminal sophistication and business acumen have increased since the publication of last year’s annual security report. Criminal organizations have gone to the extent of innovating new models based on genuine real world business practices. Examples are the creators of botnets—networks of compromised computers that can carry out the bidding of online scammers. So just as you have Software application service providers there are now providers of botnets as a service. It is possible to pay to use a compromised network to carry out illegal activities.

In the words of Tom Gillis, Vice President and General Manager of Cisco Security Products, “We see many signs that criminals are mimicking the practices embraced by successful, legitimate businesses to reap revenue and grow their enterprises. It seems the best practices espoused by Fortune magazine and Harvard Business School have found their way into the online underworld.”

 

Causes for Concern

A cause for concern identified in the report certain areas of concern is the Technical Innovation of Online Criminals. The Conficker worm example is used to describe remarkable technical innovation and capabilities of online criminals. “Several million computer systems have been under Conficker’s control at some time as of June 2009, which means the worm appears to have created the largest botnet to date”. This example exploits traditional vulnerabilities that security experts and users are ignoring. It is a case of criminals using “older tactics in new ways.”

Also it’s apparent that attackers are monitoring and using security best practices and trends to develop newer and more dangerous weapons. The offensive is mounted through the exploitation of “proper and enhanced security tools and concepts” to beat security experts and protection agencies.

Another cause for concern noted by the report is the Criminal Sophistication and Collaboration. Cooperation and collaboration amongst attackers is at an all time high. Just like in the normal business scenario online criminals combine strengths, share expertise tools and overcome weaknesses together to achieve illegal business objectives. Shutting down this networked, online mafia is notoriously difficult to achieve. The collaboration between the two large botnets, Conficker and Waledac was highlighted in the report.

Collaborations of this nature that are networked and persistent can cause severe damage.
The report expects this trend of illegal collaboration to continue. According to the report, “One security researcher discovered that a major botmaster used an online forum to ask other criminals for help after his own botnet was hacked”.

 

Cause for Optimism

However, organizations are also collaborating aggressively to shut down online threats. This is identified as a cause for optimism. Just as online criminals collaborate and refine their strategies the report states that collaboration between organizations to shut down online threats is succeeding. The efforts of the Conficker Working Group to block the Conflicker worm is shown as an excellent example. Other positive examples were highlighted in the report.

Also seen as positive are the efforts of several countries to boost information protection and address the global menace of cybercrime. The Obama administration’s decision to appoint a “cybersecurity coordinator” to oversee “a new comprehensive approach to securing America’s digital infrastructure” is mentioned. It noted that the United Kingdom and other countries are also currently conducting cybersecurity reviews and evaluations. Cisco provides evidence to show that the greater focus from both government and international law enforcement on combating cybercrime and improving cybersecurity is yielding results. Already in 2009 there have already been some high-profile arrests.

Other report highlights include the fact that Web 2.0 applications, cherished for their ease of use and flexibility, have become attractive to attackers. And criminals are still compromising legitimate websites for the purpose of propagating malware to great effect while online banking customers are being targeted by criminals

 

 

What Do you Have to Say? Post Your Comments about this resource Here 

COMMENTS for "Cisco 2009 Midyear Security Report ":

 

August 12, 2009

 

Ani Michael of Jos, Plateau State, Nigeria says:

 

 

A good one from Cisco.  Hope other vendors will take note, and AISA too gets involved.

 

 

AISA Content

 

AISA Content is provided by Jidaw Systems on behalf of The African Information Security Association (AISA)

 

Jidaw Systems Limited (Jidaw) is an information technology solution provider that specializes in IT Consulting, e-business, Content provision, Web Publishing, Computer Networking and Training. Jidaw Systems Limited, developed and runs www.jidaw.com

 

Jidaw Systems Limited is the originator of the IT Entrepreneurship Guide series - Success in IT Business programs and a Foremost Authority on IT Career development. Jidaw Systems is a NASITEA partner.

 

 

IT Career Development.

 

A major focus of Jidaw (Mastercomputers) is the promotion of IT Career Development. Jidaw presents the monthly FREE IT Career Seminars to address career and certification issues for newcomers, career changers and IT professionals.

 

 

The one and only Information Technology Entrepreneur Guide

 

Success in IT Business (SITB) training program is designed to help you start your New IT Business. Now You have an uncommon, hard-to-find opportunity to learn first hand from the real world ideas and experience of IT Entrepreneurs.

 

Prepare Yourself for the no-nonsense Information Technology Entrepreneurship Business program -Success in Information Technology Business (SITB) program. Discover the Reality and Principles required to create your own Profitable and Sustainable IT Business.

 



Your Guide to taking the Right IT Career Decisions 
 

Spread The Word

   Delicious  Digg this tell reddit StumbleUpon Toolbar Stumble It! Facebook

Page Top

 

HOME ABOUT US COMMENTS CONTACT US BOOK SALES
HELP E-LEARNING CERTIFICATION TRAINING PREVIOUS JOBS
  PRIVACY DISCLAIMER SITEMAP  

 

Subscribe to the FREE IT & Telecom Newsletter with valuable information bringing you practical, how-to tips and articles.

 

 

Join the African Information Security Online Group on LinkedIn 

The one and only IT Entrepreneur Guide - Start Your New IT Business!

Join the African Information Security Online group on Facebook

 

Wake up the Giant in You with Cisco CCNA Internetwork Plus

 

Know what it takes, focus on substance, make your own choices, prepare yourself – make sure you’re in control