Upload File

2015 annual security report - data sheet

2
Cisco 2015 Annual Security Report | Regional Data Sheet | AMER Attack Methods for Distributing Malware, by Region Figure 1 shows the techniques adversaries are using most often to distribute malware. The findings in these charts are based primarily on where blocks of web malware occurred (that is, encounters), according to Cisco Cloud Web Security data, versus types of threats on the web. In AMER, users were targeted primarily by malicious scripts; iframe injections were a distant second. Spammers Up Their Game to Outwit Consumers Worldwide spam volumes are on the rise, indicating that spam is still a lucrative vector for online criminals. Adversaries continue to refine messages so that spam is more likely to fool recipients into clicking on dangerous links, often using social engineering tactics. While spam volume has generally been on the decline in the United States in 2014, levels rose in other countries during the same time period (Figure 2). Cisco Security Research suggests that this indicates some malicious actors may be shifting their base of operations. The rise in spam volume in some countries may also be a sign that other regions are catching up to the United States in terms of spam production, as the country has long been a leading source of worldwide spam. Ultimately, the United States ended the year higher. Figure 1. Attack Method Distribution, AMER Regional Data Sheet, AMER Cisco 2015 Annual Security Report As dynamic as the modern threat landscape is, there are some constants: Adversaries are committed to continually refining or developing new techniques that can evade detection and hide malicious activity. Meanwhile, security teams must constantly improve their approach to protecting the organization and users from these increasingly sophisticated campaigns. In the AMER Region, the Cisco 2015 Annual Security Report presents the following: Total % Attack Method 24.93% 17.43% iFrame Injection 13.63% Exploit 10.35% 10.06% OI (detection malware) Script Trojan Source: Cisco Security Research

Upload: cisco-security

Post on 17-Jul-2015

348 views

Category:

Technology


3 download

Report

Tags:

TRANSCRIPT

Page 1: 2015 Annual Security Report - Data Sheet

Cisco 2015 Annual Security Report | Regional Data Sheet | AMER

Attack Methods for Distributing Malware, by RegionFigure 1 shows the techniques adversaries are using most often to distribute malware. The findings in these charts are based primarily on where blocks of web malware occurred (that is, encounters), according to Cisco Cloud Web Security data, versus types of threats on the web.

In AMER, users were targeted primarily by malicious scripts; iframe injections were a distant second.

Spammers Up Their Game to Outwit ConsumersWorldwide spam volumes are on the rise, indicating that spam is still a lucrative vector for online criminals. Adversaries continue to refine messages so that spam is more likely to fool recipients into clicking on dangerous links, often using social engineering tactics.

While spam volume has generally been on the decline in the United States in 2014, levels rose in other countries during the same time period (Figure 2). Cisco Security Research suggests that this indicates some malicious actors may be shifting their base of operations. The rise in spam volume in some countries may also be a sign that other regions are catching up to the United States in terms of spam production, as the country has long been a leading source of worldwide spam. Ultimately, the United States ended the year higher.

Figure 1. Attack Method Distribution, AMER

Regional Data Sheet, AMERCisco 2015 Annual Security ReportAs dynamic as the modern threat landscape is, there are some constants: Adversaries are committed to continually refining or developing new techniques that can evade detection and hide malicious activity. Meanwhile, security teams must constantly improve their approach to protecting the organization and users from these increasingly sophisticated campaigns. In the AMER Region, the Cisco 2015 Annual Security Report presents the following:

Total %Attack Method

24.93%

17.43%iFrame Injection

13.63%Exploit

10.35%

10.06%

OI (detection malware)

Script

Trojan

Source: Cisco Security Research

Page 2: 2015 Annual Security Report - Data Sheet

Signs of Security SophisticationThe Security Capabilities Benchmark Study highlights the hallmarks of organizations that are more sophisticated in their security posture than others. These hallmarks include:

► Executive leadership that prioritizes security

► Clear, well-documented policies and procedures

► Integrated tools that work together

Organization Security SophisticationIn comparing the security sophistication level of organizations by country, there’s more good news: Highly sophisticated organizations are the majority in every segment. However, respondents in some countries appear to have a more positive view of their own security stance than the outside world does. Overly confident perceptions from respondents in some countries may be due in part to core social values of a culture, such as the need to present one’s self—and thus, one’s organization—in a positive light.

Figure 4. Most companies fit more sophisticated security profiles—this is true in all countries and industries

Cisco 2015 Annual Security Report | Regional Data Sheet | AMER

Figure 3. Highest-Risk Verticals for Malware Exposure

Source: Cisco Security Research

United States

Brazil

Taiwan0.00% (1% 11/14)

India

China25.00% (29% 11/14)

Russia3.00% (3% 11/14)

Vietnam

Korea, Republic of1.00% (1% 11/14)

2.00% (3% 11/14)

DecreaseIncrease

0.00%

Change in % from Jan. to Nov. 2014 (November %)

(2% 11/14) 1.00% (2% 11/14)

6.00% (20% 11/14)

Figure 2. Spam Volumes by Country

Segment distribution varies by country, but more mature segments dominate in all

Segment Sizing

United States Brazil

44%

16%

27%

10%3%

34%

35%

24%

5%2%

High Upper-Mid Middle Low-Mid Low

Source: Cisco Security Capabilities Benchmark Study

magnitude magnitude magnitude

2.8Media and Publishing

2.4Accounting

1.1

1.1

TelecommunicationsIT and

Utilities

AMER

2.0Food and Beverage

2.0Insurance

1.6

1.6

Manufacturing

Media and Publishing

EMEA

3.5Real Estate and Land Management

3.4Automotive

3.2

2.4

and ShippingTransportation

Manufacturing

APJC

Aviation 5.0 Agriculture and Mining 2.8 Insurance 6.0

Source: Cisco Security Research

Americas Headquarters Cisco Systems Inc. San Jose, CA

Asia Pacific HeadquartersCisco Systems (USA) Pte. Ltd. Singapore

Europe Headquarters Cisco Systems International BV Amsterdam, The Netherlands

Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners, The use of the word partner does not imply a partnership between Cisco and any other company. (1110R)

Download Cisco 2015 Annual Security Report www.cisco.com/go/asr2015

http://www.cisco.com/go/offices
http://www.cisco.com/go/trademarks
www.cisco.com/go/asr2015
www.cisco.com/go/asr2015
www.cisco.com/go/asr2015
www.cisco.com/go/asr2015

Download card security fact sheet

Annual Report Quick Sheet

Annual security refresher course

Security data sheet

Specialty Film & Sheet - Multisafe Security

Social Security Cheat Sheet

Annual Security Refresher

Twenty-First Annual Computer Security Computer ... PROGRAM 21st Annual Computer Security Applications Conference Presented by Applied Computer Security Associates Twenty-First Annual

Annual Department of Defense (DoD) Security Refresher Training · Annual Security Refresher Training Welcome to your annual security refresher training! The purpose of this briefing

Digital Security Controls Publications Cover Sheet

Eighteenth th Annual Computer Security Annual Applications

Acronis Backup & Security 2010 Data Sheet

Niagara Enterprise Security Data Sheet

Microsoft Word - 2015-Annual Report Data Sheet-Multi Web view · 2016-03-282016 Annual Report Data Sheet-Multiple Cohorts12/16. 2016 Annual Report Data Sheet-Multiple Cohorts. 1

Safaricom Annual Information Security

EADS Annual Balance Sheet Presentation

Annual Security Refresher Briefing

ATL Security Sell Sheet

ANNUAL SPEC SHEET

Duo Security - Data Sheet

Campus Security Annual Security Report - lorainccc.edu

United Security SD-1 Data Sheet

Application Security Information Sheet - Sample€¦  · Web viewTitle: Application Security Information Sheet - Sample Description: Specific questions related to information being

Annual Security Report Es

UNCW Board of Trustees Briefing Annual Security Report ... · Briefing Annual Security Report Annual Fire Safety Report October 15, 2015 . Annual Security Report An institutional

2017 Annual Cyber Security Awareness Training - … Annual Cyber Security Awareness Training ... are required to complete annual Cyber Security Awareness Training ... mobile phones,

2017 Annual Security Roundup: The Paradox Of Cyberthreats · TrendLabs 2017 Annual Security Roundup 5 | 2017 Annual Security Roundup: The Paradox of Cyberthreats Ransomware brings

Security+ Cheat Sheet 2

Cisco Firepower NGFW Data Sheet · Cisco Firepower NGFW Data Sheet ... Security

ANNUAL SECURITY REPORT - Heartland Community College · Annual Security Report Page 4 Effective October 1, 2019 ANNUAL SECURITY REPORT I. Criminal Acts Heartland Community College

FACT SHEET - Centerra sheet centerragroup.com nuclear security protection federal & commercial security fire & emergency services base operations support facilities maintenance

Annual Security Report 2015

ANNUAL REPORT AND BALANCE SHEET

2017 Annual Security Roundup: The Paradox of Cyberthreats · TrendLabs 2017 Annual Security Roundup 8 | 2017 Annual Security Roundup: The Paradox of Cyberthreats compromised websites

SECURITY PROFILE SHEET - Canon Global