According to Cisco annual report of the domain name system (DNS) traffic of 30 Worlds largest multinational companies network generated traffic to sites hosting malware. Cisco analyzed network traffic on the 30 firms, and found that 100% of the companies were communicating with known malicious sites and 96% of the firms communicated wiith servers that had been hijacked by cybercriminals.
Cisco also detected traffic going to military or government websites – notably, at firms that usually don't do business with such organizations.
“Cisco has observed that such sites may be used because of the generally high reputation enjoyed by public or government organizations,” the report said.
“Traffic to these sites may not be a definitive sign of a compromise, but for organizations that do not habitually do business with the government or the military, such traffic could indicate that networks are being compromised so that criminals can use them to breach government or military websites and networks.
“In spite of their best efforts to keep their networks free of malicious threats, all of the organizations Cisco examined during 2013 showed evidence of suspicious traffic,”
Cisco’s analysis was based on 200,000 IP addresses, 400,000 malware samples, 33 million files from endpoints and 28 million network connections
Many of the networks analyzed appeared to be communicating with government or military sites, despite having no business reason to do so. This could be evidence that cybercriminals were using the networks as a platform to attack further targets.
No comments:
Post a Comment