SlideShare a Scribd company logo
1 of 1
Download to read offline
Data Access
IDSNGIPS
UTM Application
Control
Vulnerability
Management
NBA
NAC
VPN
Malware
Sandbox
Antivirus
Email
NGFW
Firewall
IAM
AMP
Speeding Ahead
of the Sensors
Agility is Its Strength Destructive if Modified
40% user
penetration
©2015 Cisco and or its affiliates. Other company, product and service names may be trademarks or service marks of others.
Combination Attacks Evade Point Solutions
In the first half of 2015, malicious actors demonstrated an elevated level of attack sophistication that leveraged agility, destruction,
adaptability, and speed to achieve their objectives. Angler, Rombertik, Adware MultiPlug, and Dridex are the top four most well-known
examples of how these combination attacks evade detection, infiltrate defenses, and destroy systems.
The security industry needs to move toward an integrated threat defense to keep pace with
combination attacks. To learn more, download the 2015 Midyear Security Report.
www.cisco.com/go/msr2015
Cisco 2015
Midyear Security Report
Continually throws different
‘hooks’ to increase
effectiveness
to complete campaign,
before traditional
antivirus tools can react9
hours
Dridex
Angler Rombertik
Quickly morphs campaign
content such as user agents, attachments,
and referrers; and relaunches campaign
Uses Microsoft® Office
macrosto quickly
deliver banking Trojans
Targets and exploits
unpatched software
Up to unique
campaigns
in time
observed850
75%
Over
of domain shadowing
activity leads to Angler
Encrypts payload
for delayed analysis
Obfuscates
compromised landing pages
Adapts and
Mutates to
Evade Detection
Adware
MultiPlug
Shifted away
from old URL-encoding
scheme to increase
penetration rate 4,000add-on variants employed
Bundles malicious
add-ons with
seemingly useful yet
unwanted applications
500domains used across
three month period
Uses spam and phishing to
gain access
instructions to memory,
creating a stalling tactic
for sandboxes
960M Destroys master
boot record and
renders computer inoperable
Performs excessive activity to
flood tracing tools
Once past sandbox,
calls Windows API
335,000 times
as an anti-debugging
mechanism

More Related Content

Viewers also liked

Infographic e5 - Your finance, Anytime. Any place. Anywhere
Infographic e5 - Your finance, Anytime. Any place. AnywhereInfographic e5 - Your finance, Anytime. Any place. Anywhere
Infographic e5 - Your finance, Anytime. Any place. AnywhereAdvanced Business Solutions
 
Axcient 2013 Annual Report Infographic
Axcient 2013 Annual Report InfographicAxcient 2013 Annual Report Infographic
Axcient 2013 Annual Report InfographicAxcient
 
PAROS - CORPORATE STRATEGY & TRADE FINANCE
PAROS - CORPORATE STRATEGY & TRADE FINANCE PAROS - CORPORATE STRATEGY & TRADE FINANCE
PAROS - CORPORATE STRATEGY & TRADE FINANCE gianlucarota.it
 
Battle of the banks in Singapore - by Tesla Insights
Battle of the banks in Singapore - by Tesla InsightsBattle of the banks in Singapore - by Tesla Insights
Battle of the banks in Singapore - by Tesla InsightsTesla Insights
 
Psychographic Segmentation | Consumer Motivation and Health Care
Psychographic Segmentation | Consumer Motivation and Health CarePsychographic Segmentation | Consumer Motivation and Health Care
Psychographic Segmentation | Consumer Motivation and Health CareMcGohan Brabender
 
Funderburk_AAPOR_Final_Audience Segmentation to Support Consumer Engagement i...
Funderburk_AAPOR_Final_Audience Segmentation to Support Consumer Engagement i...Funderburk_AAPOR_Final_Audience Segmentation to Support Consumer Engagement i...
Funderburk_AAPOR_Final_Audience Segmentation to Support Consumer Engagement i...Frank Funderburk
 
Basware Infographic - Unlocking Value In A Connected Business World
Basware Infographic - Unlocking Value In A Connected Business WorldBasware Infographic - Unlocking Value In A Connected Business World
Basware Infographic - Unlocking Value In A Connected Business WorldBasware
 
2012 HP Cyber Threat Report Infographic
2012 HP Cyber Threat Report Infographic2012 HP Cyber Threat Report Infographic
2012 HP Cyber Threat Report InfographicCarlo Arioli
 

Viewers also liked (9)

Infographic e5 - Your finance, Anytime. Any place. Anywhere
Infographic e5 - Your finance, Anytime. Any place. AnywhereInfographic e5 - Your finance, Anytime. Any place. Anywhere
Infographic e5 - Your finance, Anytime. Any place. Anywhere
 
Axcient 2013 Annual Report Infographic
Axcient 2013 Annual Report InfographicAxcient 2013 Annual Report Infographic
Axcient 2013 Annual Report Infographic
 
PAROS - CORPORATE STRATEGY & TRADE FINANCE
PAROS - CORPORATE STRATEGY & TRADE FINANCE PAROS - CORPORATE STRATEGY & TRADE FINANCE
PAROS - CORPORATE STRATEGY & TRADE FINANCE
 
Battle of the banks in Singapore - by Tesla Insights
Battle of the banks in Singapore - by Tesla InsightsBattle of the banks in Singapore - by Tesla Insights
Battle of the banks in Singapore - by Tesla Insights
 
Psychographic Segmentation | Consumer Motivation and Health Care
Psychographic Segmentation | Consumer Motivation and Health CarePsychographic Segmentation | Consumer Motivation and Health Care
Psychographic Segmentation | Consumer Motivation and Health Care
 
Funderburk_AAPOR_Final_Audience Segmentation to Support Consumer Engagement i...
Funderburk_AAPOR_Final_Audience Segmentation to Support Consumer Engagement i...Funderburk_AAPOR_Final_Audience Segmentation to Support Consumer Engagement i...
Funderburk_AAPOR_Final_Audience Segmentation to Support Consumer Engagement i...
 
Meet SPARK Agency
Meet SPARK AgencyMeet SPARK Agency
Meet SPARK Agency
 
Basware Infographic - Unlocking Value In A Connected Business World
Basware Infographic - Unlocking Value In A Connected Business WorldBasware Infographic - Unlocking Value In A Connected Business World
Basware Infographic - Unlocking Value In A Connected Business World
 
2012 HP Cyber Threat Report Infographic
2012 HP Cyber Threat Report Infographic2012 HP Cyber Threat Report Infographic
2012 HP Cyber Threat Report Infographic
 

More from Cisco Security

Incident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityIncident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityCisco Security
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersCisco Security
 
Cisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco Security
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Cisco Security
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkCisco Security
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
Cisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco Security
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation FirewallCisco Security
 
AMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsAMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsCisco Security
 
A Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityA Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityCisco Security
 
Balance Data Center Security and Performance
Balance Data Center Security and PerformanceBalance Data Center Security and Performance
Balance Data Center Security and PerformanceCisco Security
 
The Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicThe Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicCisco Security
 
Data Center Security Challenges
Data Center Security ChallengesData Center Security Challenges
Data Center Security ChallengesCisco Security
 
Enterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyEnterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyCisco Security
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of InactivityCisco Security
 
Midsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityMidsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityCisco Security
 
Integrated Network Security Strategies
Integrated Network Security StrategiesIntegrated Network Security Strategies
Integrated Network Security StrategiesCisco Security
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardCisco Security
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Cisco Security
 

More from Cisco Security (20)

Incident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityIncident Response Services Template - Cisco Security
Incident Response Services Template - Cisco Security
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service Providers
 
Cisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling Access
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended Network
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security Overview
 
Cisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide Deck
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall
 
AMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsAMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threats
 
A Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityA Reality Check on the State of Cybersecurity
A Reality Check on the State of Cybersecurity
 
Balance Data Center Security and Performance
Balance Data Center Security and PerformanceBalance Data Center Security and Performance
Balance Data Center Security and Performance
 
The Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicThe Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware Infographic
 
Data Center Security Challenges
Data Center Security ChallengesData Center Security Challenges
Data Center Security Challenges
 
Enterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyEnterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security Survey
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of Inactivity
 
Midsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityMidsize Business Solutions: Cybersecurity
Midsize Business Solutions: Cybersecurity
 
Integrated Network Security Strategies
Integrated Network Security StrategiesIntegrated Network Security Strategies
Integrated Network Security Strategies
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack Continuum
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor Scorecard
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
 

Cisco 2015 Midyear Security Report Infographic

  • 1. Data Access IDSNGIPS UTM Application Control Vulnerability Management NBA NAC VPN Malware Sandbox Antivirus Email NGFW Firewall IAM AMP Speeding Ahead of the Sensors Agility is Its Strength Destructive if Modified 40% user penetration ©2015 Cisco and or its affiliates. Other company, product and service names may be trademarks or service marks of others. Combination Attacks Evade Point Solutions In the first half of 2015, malicious actors demonstrated an elevated level of attack sophistication that leveraged agility, destruction, adaptability, and speed to achieve their objectives. Angler, Rombertik, Adware MultiPlug, and Dridex are the top four most well-known examples of how these combination attacks evade detection, infiltrate defenses, and destroy systems. The security industry needs to move toward an integrated threat defense to keep pace with combination attacks. To learn more, download the 2015 Midyear Security Report. www.cisco.com/go/msr2015 Cisco 2015 Midyear Security Report Continually throws different ‘hooks’ to increase effectiveness to complete campaign, before traditional antivirus tools can react9 hours Dridex Angler Rombertik Quickly morphs campaign content such as user agents, attachments, and referrers; and relaunches campaign Uses Microsoft® Office macrosto quickly deliver banking Trojans Targets and exploits unpatched software Up to unique campaigns in time observed850 75% Over of domain shadowing activity leads to Angler Encrypts payload for delayed analysis Obfuscates compromised landing pages Adapts and Mutates to Evade Detection Adware MultiPlug Shifted away from old URL-encoding scheme to increase penetration rate 4,000add-on variants employed Bundles malicious add-ons with seemingly useful yet unwanted applications 500domains used across three month period Uses spam and phishing to gain access instructions to memory, creating a stalling tactic for sandboxes 960M Destroys master boot record and renders computer inoperable Performs excessive activity to flood tracing tools Once past sandbox, calls Windows API 335,000 times as an anti-debugging mechanism