Cisco has warned that the online criminal economy is becoming increasingly savvy and much more sophisticated as profit-driven crooks hone their approaches to compromising end-user data in its 2008 Annual Security Report.
Cisco fellow and chief security researched Patrick Peterson said: “Every year we see threats evolve as criminals discover new ways to exploit people and networks. This year’s trends underscore how important it is to look at all basic elements of security policies and technologies.”
Among the usual warnings around spam and phishing attacks,Cisco observed growth of 90% in threats originating from legitimate domains and added that known vulnerabilities in virtualisation technology had tripled during 2008.
Cisco’s experts also examined the growth in usage of social engineering techniques to force end-users to open malicious files or click on suspect links and predicted this would increase next year.
Cisco added that during the downturn, enterprises would have to be more careful in handling redundancies given the potential threats posed by disgruntled ex-employees.
These findings go along with the increasing volume of warnings coming from the security sector. Last week security gurus at McAfee warned that governments were slacking off when it came to fighting cyber crooks, although they were understandably distracted by warding off total fiscal meltdown.
Meanwhile, rivals Lumension pointed out that the mobility and Web 2.0 applications beloved of Cisco were essentially an open door for crooks in many cases, while Finjan has recently been highlighting vulnerabilities within Flash applications and PDF files.