|
Getting your Trinity Audio player ready...
|
There has been a significant increase in the volume of malicious binaries leveraging some encrypted network communication, as attackers embrace encryption to conceal their command and control activities, the recently released Cisco cyber-security report reveals.
After surveying 3,600 chief information officers (CIOs), globally and accessing about a third of the world’s internet data, Cisco found that 50 percent of global web traffic is encrypted, and so attackers are using this to penetrate companies.
As, a result, Cisco has called on businesses to adopt more developed security measures and to take a comprehensive approach across people, process, technology and policy to protect their businesses from hackers and cyber criminals.
Discussing details of the report with select journalists at the Cisco head office in Lagos, Tomi Amao, cyber security systems engineer at Cisco identified the evolution of ransomware as one of the most significant threat developments in 2017.
For 2018, Amao said; ‘the report suggests that this year will see unprecedented levels of sophistication and impact, as cyber criminals will become more adept at evasion.’
Compared to 38 percent encryption in November 2016, Cisco found 50 percent encryption in October 2017 – a 12 percent increase. According to the report, the year on year increase in encryption – which is meant to enhance security has led to an increase in its use to conceal command-and-control activity, stating that almost 50 percent of security risks in organisations stem from having multiple security vendors and products.
Speaking at the event, Olakunle Oloruntimilehin, General Manager of Cisco Nigeria, explained the need for businesses and enterprises to adopt advanced methods of cybersecurity.
‘Security is getting more complex and the scope of breaches is expanding. Several companies are hit by cyber breaches and attacks every year causing losses in millions of naira and stealing highly classified information. It is therefore imperative that any organization that desires to stay safe and minimize risk or loss address cybersecurity at the top, with executive leadership setting the tone and engender a ‘security-first-always-and-everywhere’ culture that flows throughout the organisation.’
The Cisco 2018 Security Capabilities Benchmark Study reveals that 94 percent of companies in the Middle East and Africa suffered a breach in the past year and that 34 percent of breaches in resulted in more than half of systems being impacted. The study also indicated that nearly a quarter of organisations in the region manage more than 21 vendors and cite lack of security personnel as one of the biggest obstacles to security.
Corroborating the importance of robust cybersecurity practices, Amao said; ‘Cisco researchers observed a two-fold increase in malicious web traffic volume in roughly over 12-months. This alone demonstrates that cyber adversaries continue to learn and evolve. The time to raise the bar in cybersecurity is now. That is why at Cisco we take pride in being able to educate and provide businesses with the solutions and best practices required for effective cybersecurity.
Our threat researchers have a reputation for timely, accurate and innovative work, and our network of talented teams are devoted to driving impactful outcomes for our customers,’ Amao said.
Now in its eleventh year, the Cisco 2018 Annual Cybersecurity Report offers security industry data, analysis and insights about attacker behavior over the past year. The report highlights findings and insights derived from threat intelligence and cybersecurity trends observed over the past 12-18 months and provides recommendations designed to help organisations and users defend against attacks
Cisco says it has an integrated and comprehensive portfolio of security technologies to provide advanced threat protection. Its technologies include next generation firewalls, intrusion prevention systems (IPS), secure access systems, security analytics, and malware defense; which work together to deliver effective network security and incident response.
Jumoke Akiyode Lawanson
