Cisco Midyear Security Review09

Published by: risspa on Sep 10, 2009
Copyright: Attribution Non-commercial







Cisco 2009 Midyear Security Report
An update on global security threats and trends
All contents are Copyright © 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
The Cisco Midyear Security Report presents an overview of Cisco security intelligence, highlighting threat information and trends from the first half of 2009. The report also includes recommendations from Cisco security experts and predictions of how identified trends will evolve.

As the global economy struggles to regain its footing, one moneymaking sector remains healthy—online crime. This sector embraces technical innovation, collaborates with like-minded enterprises to develop new strategies for generating income, and continues to demonstrate adoption of the best legitimate business strategies to maximize profits.

Criminal sophistication and business acumen have increased since the publication of the 2008 Annual Security Report. For instance, criminal enterprises are innovating new business models with the creators of botnets—networks of compromised computers that can carry out the bidding of online scammers. These innovations include “botnets as a service,” a sobering spin on the software-as-a-service trend that has spread across the technology sector.

“We see many signs that criminals are mimicking the practices embraced by successful, legitimate businesses to reap revenue and grow their enterprises,” said Tom Gillis, Vice President and General Manager of Cisco Security Products. “It seems the best practices espoused by magazine and Harvard Business School have found their way into the online underworld.”
Cause for Concern: Technical Innovation of Online Criminals

The technical innovation and capabilities of online criminals are remarkable. The Conficker worm, which began infecting computer systems in late 2008 and early 2009 (and is still infecting thousands of new systems daily), provides the best example. Several million computer systems have been under Conficker’s control at some time as of June 2009, which means the worm appears to have created the largest botnet to date. (Read more about Conficker on page 4.)

Security industry watchers also point to the methods used by Conficker to propagate and create the botnet. Instead of using newer approaches that involve social engineering, or delivering the payload via email or the Internet, Conficker’s creators exploited a vulnerability in the Windows operating system. This was an “old-school” method that may not have seemed threatening, given the preponderance of new tactics for online scams. Conficker’s creators appear to have recognized that their entry point into computer systems might yield more satisfying results.

It’s safe to say online attacks will continue to showcase the most cutting-edge technology—and criminals will try to use older tactics in new ways. Criminals are also closely watching security researchers and learning from their methods for thwarting attacks, putting the “good guy” knowledge to use so their next attack can evade existing protections.
Cause for Concern: Criminal Sophistication and Collaboration

“Bad guys” are aggressively collaborating, selling each other their wares, and developing expertise in specific tactics and technologies. Specialization makes it tougher to shut down illegal activity, because there are many players in this ecosystem.

Consider the collaboration between the creators of two large botnets, Conficker and Waledac (see page 10). In April, the Conficker botnet monetized itself by delivering the Waledac malware via Conficker’s own hosts, along with scareware—scam software sold to consumers based on their (often unnecessary) fear of a potential threat—to generate revenue from victims. In other words, Conficker served as a large-scale distributor for Waledac’s wares.
