2015 Cybersecurity: Attack Resiliency

Challenges Industry Collaboration

Attackers are commandeering legitimate infrastructure and reaping
millions in profit.

Defenders are struggling to detect and combat threats, and

confidence is falling.

ker s
t t ac nd
A ea
Evad nstitute SS H
e c o ncy
silie d, P s yc
R re
ho
ing T he
cte gl
re build . If dete and brut obal, co
sa ns re e-fo l
t t a cker peratio configu ms rce a laborativ
A
t h eir o ickly re w syste ttack e,
int o u
rs q te on n
e DDo
c ke
atta constitu minutes
S
10,0
re in 00
can ew IPs XM
achi
n ne s
w i th leve
rage
Botn d
e
1. C t Set U
hin p
pa a-base
s db
bo sword a rute-fo
tn ttack rc
2. 24 et s to e

g l e r goes ing h
lo ours lat
c reate

An k often andeer
attac com
m
s
to
co
gin w
ith
nl
er, U
S-
dow harvest based
ed
This cted by esource mpr oad DDo passwo
te r omis
unde putation ed d S root-k rds,
re evic it on
high s es
W ebsite Mas
sive
Referring ique sites c via
un
ect t
raffi 35% Impa
ct
of al

15K
redir tising l SS
H tr
er acro
malv ss th affic
was e
com Internet
p
er vers out S SH r
Psyc ised by
yS i th ho
Prox ervers w mmingl
ed
s o
iple ith c
Mult re, but w itimate
a eg l
malw ces on l s, funne rs
u r er ve
reso provid loit ser
ing
host toward e
xp
Com
and mingled
s
user

er vers ds are
Expl
oit S of payloaare. Com
prom
60%
mw o
rans
221% increa ised
gh
nd throu
al a
y is glob s
er er
Deliv e provid
mult
ip l comse in
a llin g ce
F fiden he latest
prom
Wor i
rs promised, dPre sed
e
tat u
S ating st etecte
r v
s Se atus is comd, the
ss si
tes
o n
C fidence in wn to 59
ha
t
ving %
er sd
If op pering i r ted Con logy do
m le no t
or ta rs are a tech e lates o 37%
s
e t h t
r
k ving reased
attac
ture n
ende ha
NOT logy inc

ll IP I
truc
nfras rough IPs o
D ef tech
no

Lackboration
Sma s can roll s per day
th
cker tem
Atta ctive sys
la
y
l abilit
a
8-12
Co d en
th e
ce in cover
ir

M
nfi re ile
er co end, and lling, wh ing
0
r
/ yea wo
6
en d
Def def is fa
$ st t eek
m ju e tect, attacks rs are s
e ce in ability
e
r
t fro to d o s
m a t
esti ed cam
rofi
ed p paigns
alon
m cyber d invest nization
fro tors a
gu la i
n
t y into
org a fo
Be confidiefynan attack
tifi re ibil
iden e vis tegy
.
mor risk stra
r 4% t
r
o ve d
5 occurre
cybe

d i n g
Dur dence attacks
o
is e ability t

om ed
in

p r confi against

ComFractu r rveyed 54%

nd
defe

and of Cisscothde Internuelntewrabilitiehs,

u
c es s ere
Con
e v i

92%
s v c stra er
acro known f 26 ea
in g
runn averag
e o Orga
niza
tions ints Aft onfidencend contain
in abilit
y

with
an eyed of co exhi
surv llabo bit lo c
ope
a
co d
evic e s incid r
ents tion: Du
a w de
gree 45% to sc ck
is , onl r i t ta
of C L y n g se an a
EOS re EO 21% curit
31% were
devi
ces
w e notif
y bu
y

of C
is c o
o li cies o
n
18% notif
sines
s pa
rtner
yp
5% curit y ex s
w s e
revie lar basis
15% insur
terna
l a utho
ance rities
56%
u
a reg com
pani
es
B ar r
i er s
s e cu to
r i t y t a d o pt in
e ch n g
o l o g a d va n c
39% Bud
y ed
get
32% C om
patib
25% Cert
ility
issu
es
ificat
ion r
equi
reme
nts

Download the Cisco 2016 Annual Security Report

www.cisco.com/go/asr2016

2016 Cisco and or its affiliates. Other company, product and service names may be trademarks or service marks of others.