Your Weekly Tech Tidbit – Thoughts on the Cisco 2017 Mid-Year Cybersecurity Report

Welcome to the inaugural edition of CSI’s “Your Weekly Tech Tidbit”. Building on Scott’s ever popular Tech Tidbits portion of our quarterly Tech Talk / SYSOP meetings, each week either Scott or I will be sharing a timely thought for the week based upon what we see happening in IT that is of relevance to our clients. For this week’s topic, I wanted to highlight two important items from among the many that were discussed as current trends in Cisco’s most recent 2017 Mid-year Cybersecurity Report. 1. The return of e-mail as a more prominent delivery vehicle for malware. Not that the other methods, such as infected web sites, have gone away but the report noted, and we are seeing inside our customers, an increased incidence of e-mail attachments and embedded links being used to transmit malware. This trend is going to require increase vigilance by both IT teams and our end users if we are to avoid a security incident. In addition to closely monitoring your e-mail scanning tools it’s important to continually (at least monthly) remind end users to “think before they click” on anything attached to or inside an e-mail message. And if they have any doubt please contact the IT team for assistance before they click. 2. The increasing concern about most IT team’s complacency when it comes to adware or freeware that is found installed on end-user browsers or devices. Often IT teams just ignore it thinking the only one being harmed is the end user themselves with this additional bloatware on their machines. We might even think the end user deserves the slow machine you usually get from this stuff. But the security industry has seen increasing incidents of this type of bloatware containing “hitchhiking” code that reaches out at some later time (weeks / months) to pull down and install additional unwanted applications eventually even pulling down dangerous malware or cryptoware. The moral here is it is best to deal with adware / freeware at its early stages and clean it off machines in your network before it can morph into a much larger problem. In the weeks ahead we will talk about more identified trends and about ideas for tools that can be used in your networks to help identify and mitigate more of these constantly advancing cyber threats. For a deeper dive into the current state of cybersecurity according to the Cisco Talos security team you can download the full report at this link: https://engage2demand.cisco.com/cisco_2017_midyear_cybersecurity_report?dtid=osscdc000283 Or if you are concerned about clicking that link, e-mail me back at rknappjr@csiny.com and I will send you a PDF copy of the full report.   Bob Knapp