Six Ways Cyber Attackers Are Changing Tactics

Uploaded on 2015-08-26 in TECHNOLOGY--Hackers, NEWS-News Analysis, GOVERNMENT-Defence, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

AM15_John_Chambers_.jpg

Even as organizations enhance their cybersecurity defenses, attackers are adopting more sophisticated tactics to penetrate IT systems and evade detection, according to recent research from Cisco Systems Inc.

Indeed, the networking giant sees six key trends on the attacker front.  They include:

1. Shape Shifters: They change their tactics and tools from moment to moment, disappearing from a network before they can be stopped, or quickly choosing a different method to gain entry.
2. Scaled Attacks: They devise spam campaigns using hundreds of IP addresses in an attempt to bypass IP-based anti-spam reputation products.
4. Trusted Doorways: They design malware that relies on tools that users trust, or view as benign, to persistently infect and hide in plain sight on their machines.
5. Guerrilla Warfare: They find new vulnerabilities to exploit if vendors shut down weaknesses in other products.
6. Digital Camouflage: They work at establishing a hidden presence or blend in with the targeted organization, sometimes taking weeks or months to establish multiple footholds in infrastructure and user databases. Only when they are ready will they execute their core mission.

According to Cisco's Security Capabilities Benchmark Study, "security professionals say they’re optimistic that they’re well prepared to hold back online attackers. Yet adversaries continue to steal information, make money through scams, or disrupt networks for political goals. In the end, security is a numbers game: Even if an organization blocks 99.99 percent of billions of spam messages, some will make it through. There is no way to ensure 100 percent effectiveness."
Cisco: http://bit.ly/1Jbhhh5

 

« NSA Map Shows China Cyber Attacks on US
Cyber Insecurity: Going Dark »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Lookout

Lookout

Lookout takes a mobile-first approach to security and protects mobility for some of the world's largest enterprises, critical government agencies, and millions of individuals worldwide.

NICE Systems

NICE Systems

NICE Systems provide software solutions to ensure compliance, fight financial crime, and safeguard people and assets.

CERT-AM

CERT-AM

CERT-AM is the national Computer Emergency Response Team for Armenia.

Protection Group International (PGI)

Protection Group International (PGI)

PGI helps organisations and governments to manage digital risk. From cyber security services to business intelligence, we help reduce the risks to your finances, reputation, assets and people.

Niksun

Niksun

Niksun's forensics-based cyber security and network performance monitoring products provide customers with actionable insight into security threats, performance issues, and compliance risks.

International Data Sanitization Consortium (IDSC)

International Data Sanitization Consortium (IDSC)

IDSC is a group composed of individuals and companies dedicated to standardizing terminology and practices across the data sanitization industry.

Winterhawk

Winterhawk

Winterhawk is a specialist and leading global Cyber, ESG, GRC, Risk & Identity consulting practice.

Iterasec

Iterasec

Iterasec provides a full range of security services to hacker-proof your products and make software engineering process secure by design.

BriskInfosec Technology & Consulting

BriskInfosec Technology & Consulting

BriskInfosec provides information security services, products and compliance solutions to our customers.

Sikich

Sikich

Sikich LLP is a leading professional services firm specializing in accounting, advisory, technology and managed services.

Trisul Network Analytics

Trisul Network Analytics

Trisul helps organizations deploy full spectrum deep network monitoring which can serve as a single source of truth for performance monitoring, security analytics, threat detection and compliance.

Topsec Cloud Solutions

Topsec Cloud Solutions

The Topsec Managed Email Security Platform eliminates Spam, Viruses, Malware, and Phishing.

Brightsolid

Brightsolid

Brightsolid are experts in Hybrid Cloud. We design, build and manage secure, scalable cloud environments that meet customers’ business ambitions.

Amazon Web Services (AWS)

Amazon Web Services (AWS)

Amazon Web Services is the world’s most comprehensive and broadly adopted cloud platform, offering fully featured services from data centers globally.

KingsGuard Solutions

KingsGuard Solutions

KingsGuard Solutions is a San Diego Cybersecurity company that specializes in complex and innovative security solutions for companies throughout Southern California.

Axient

Axient

Axient advances defense and civilian missions from aerospace to cyberspace with multi-domain test and analysis, mission engineering and operations, and advanced technologies.