In the Cisco 2Q11 Global Threat Report, Cisco CSIRT Manager Gavin Reid discusses the unique challenges of APTs and network intrusions. Gavin offers real world practical advice from a frontline perspective, offering valuable pointers for tweaking and using the tools you probably already have in place.
Early discovery of network intrusions and APT’s is key to protecting your corporate assets. We hope, and think, the Cisco 2Q11 Global Threat Report will help in that regard. Other highlights from the Cisco 2Q11 Global Threat Report include:
- A more than double increase in unique Web malware in the second quarter;
- Average encounter rates per enterprise peaked in March (455) and April (453);
- Companies with 5,001-10,000 employees and companies with 25,000+ employees experienced significantly higher Web malware encounters compared to other size segments;
- Brute force SQL login attempts increased significantly during the second quarter, coinciding with increased reports of SQL injection attacks throughout the period;
- Denial of Service attempts also increased during the second quarter and were observable in IPS logs;
- Global spam volumes remained fairly steady throughout the first half of 2011, while phishing increased in 2Q11, peaking at 4% of total volume in May 2011.