Six Ways Cyber Attackers Are Changing Tactics

AM15_John_Chambers_.jpg

Even as organizations enhance their cybersecurity defenses, attackers are adopting more sophisticated tactics to penetrate IT systems and evade detection, according to recent research from Cisco Systems Inc.

Indeed, the networking giant sees six key trends on the attacker front.  They include:

1. Shape Shifters: They change their tactics and tools from moment to moment, disappearing from a network before they can be stopped, or quickly choosing a different method to gain entry.
2. Scaled Attacks: They devise spam campaigns using hundreds of IP addresses in an attempt to bypass IP-based anti-spam reputation products.
4. Trusted Doorways: They design malware that relies on tools that users trust, or view as benign, to persistently infect and hide in plain sight on their machines.
5. Guerrilla Warfare: They find new vulnerabilities to exploit if vendors shut down weaknesses in other products.
6. Digital Camouflage: They work at establishing a hidden presence or blend in with the targeted organization, sometimes taking weeks or months to establish multiple footholds in infrastructure and user databases. Only when they are ready will they execute their core mission.

According to Cisco's Security Capabilities Benchmark Study, "security professionals say they’re optimistic that they’re well prepared to hold back online attackers. Yet adversaries continue to steal information, make money through scams, or disrupt networks for political goals. In the end, security is a numbers game: Even if an organization blocks 99.99 percent of billions of spam messages, some will make it through. There is no way to ensure 100 percent effectiveness."
Cisco: http://bit.ly/1Jbhhh5

 

« NSA Map Shows China Cyber Attacks on US
Cyber Insecurity: Going Dark »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Security Mentor

Security Mentor

Security Mentor provides innovative, online security awareness training designed for how people learn and work.

Compumatica

Compumatica

Compumatica is a leading European ICT security manufacturer for cybersecurity and encryption products. Solutions include network security, SCADA/ICS security, Mobile/BYOD and email encryption.

TechGuard Security

TechGuard Security

TechGuard Security was founded to address national cyber defense initiatives and US critical infrastructure security.

TrustInSoft

TrustInSoft

TrustInSoft develops solutions that validate mission-critical software and eliminate attack vectors.

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC) is one of the most distinguished Cybersecurity, Privacy and Information Security Conference in Thailand and Southeast Asia.

Temasoft

Temasoft

TEMASOFT is a software company focused on developing security and infrastructure products.

Data443 Risk Mitigation

Data443 Risk Mitigation

Data443 Risk Mitigation provides next-generation cybersecurity products and services in the area of data security and compliance.

Cyber Struggle

Cyber Struggle

At Cyber Struggle, our aim is training and certifying the special forces of the cyber world.

Beosin

Beosin

Beosin is a blockchain security company providing cybersecurity services including security audits, on-chain asset investigation, threat intelligence and wallet security.

TM One

TM One

TM One is the enterprise and public sector business solutions arm of Telekom Malaysia Berhad (TM) Group.

Forum Systems

Forum Systems

Forum Systems is a global leader in API Security Management with industry-certified, patented, and proven products deployed in the most rigorous and demanding customer environments.

InfoSec Conferences

InfoSec Conferences

InfoSec Conferences is an online directory of infosec conferences. We list every single Information Security conference, event and seminar within every niche in Cybersecurity.

JupiterOne

JupiterOne

JupiterOne is the security product that is changing how organizations manage and secure their software defined assets.

North East Business Resilience Centre (NEBRC)

North East Business Resilience Centre (NEBRC)

The North East Business Resilience Centre is a non-profit organisation here to support businesses in the North East of England in protecting themselves from cyber crimes and fraud.

Buchanan & Edwards

Buchanan & Edwards

Buchanan & Edwards delivers forward-focused technology solutions that help our clients transform the way they perform their missions.

Approov

Approov

Approov provides a comprehensive runtime security solution for mobile apps and their APIs, unified across iOS and Android.