By Oluwatobi Opusunju
Technology giant Cisco has warned that a new cyber-attack called ‘Destruction of Service’ (DeOS) will lay siege on connected networks globally. DeOS attacks could eliminate organizations’ backups and safety nets that are required to restore systems and data after an attack, Cisco warned in its 2017 Midyear Cybersecurity Report (MCR).
The report is focused on uncovering the rapid evolution of threats and the increasing magnitude of attacks. According to the report: “recent cyber incidents such as WannaCry and Petya show the rapid spread and wide impact of attacks that look like traditional ransomwares, but are much more destructive. These events foreshadow what Cisco is calling destruction of service attacks, which can be far more damaging, leaving businesses with no way to recover.”
The recent ‘WannaCry’ and ‘Petya’ ransomwares attacks have left businesses, particularly in the western world, in disarray compelling companies to rethink their global connectivity models in a way that has also urged several jurisdictions to consider further ways of criminalizing cyber attacks.
The connected world has also increased interest in cyber security with compelling cases for proactive measures on the part of government and businesses.
Cisco explained that as key industries are beginning to bring most of their operations online today due to the advent of the Internet of Things (IoT); attack surfaces are also increasing as well as the potential scale and impact of these threats.
“The Internet of Things continues to offer new opportunities for cybercriminals, and its security weaknesses, ripe for exploitation, will play a central role in enabling these campaigns with escalating impact. Recent IoT botnet activity already suggests that some attackers may be laying the foundation for a wide-reaching, high-impact cyber-threat event that could potentially disrupt the Internet itself,”
To combat these increasingly sophisticated attacks, Cisco said organizations must take a proactive stance in their protection efforts. The following are ways organizations need to guard themselves against these increasing occurrences of ransomwares according to the company.
- Keeping infrastructure and applications up to date, so that attackers can’t exploit publicly known weaknesses.
- Battle complexity through an integrated defense.
- Engage executive leadership early to ensure complete understanding of risks, rewards and budgetary constraints.
- Establish clear metrics. Use them to validate and improve security practices.
- Examine employee security training with role-based training versus one-size-fits-all.
- Balance defense with an active response. Don’t “set and forget” security controls or processes.
The Cisco 2017 Midyear Cybersecurity Report examines the latest threat intelligence gathered by Cisco Collective Security Intelligence. The report provides data-driven industry insights and cybersecurity trends from the first half of the year, along with actionable recommendations to improve security posture.