Cisco has warned that the online criminal economy isbecoming increasingly savvy and much more sophisticated as profit-driven crookshone their approaches to compromising end-user data in its 2008 Annual Security Report.
Cisco fellow and chief security researched Patrick Petersonsaid: “Every year we see threats evolve as criminals discover new ways toexploit people and networks. This year’s trends underscore how important it isto look at all basic elements of security policies and technologies.”
Among the usual warnings around spam and phishing attacks,Cisco observed growth of 90% in threats originating from legitimate domains andadded that known vulnerabilities in virtualisation technology had tripledduring 2008.
Cisco’s experts also examined the growth in usage of socialengineering techniques to force end-users to open malicious files or click onsuspect links and predicted this would increase next year.
Cisco added that during the downturn, enterprises would haveto be more careful in handling redundancies given the potential threats posedby disgruntled ex-employees.
These findings go along with the increasing volume ofwarnings coming from the security sector. Last week security gurus at McAfeewarned that governments were slacking off when it came to fighting cybercrooks,although they were understandably distracted by warding off total fiscalmeltdown.
Meanwhile, rivals Lumension pointed out that the mobilityand Web 2.0 applications beloved of Cisco were essentially an open door forcrooks in many cases, while Finjan has recently been highlightingvulnerabilities within Flash applications and PDF files.