In the Cisco 2016 Midyear Cybersecurity Report
a key message about the risk of malware was that “no vertical is safe.”
Judging from our researchers’ periodic examination of attack traffic
(“block rates”) and “normal” or expected traffic by industry, this
message held true in the latter half of the year.
In looking at verticals and their block rates over time (Figure 21
we see that, at some point over the course of several months, every
industry has been subject to attack traffic and at varying levels. It’s
clear that as attacks rise and fall, they affect different verticals at
different times— but none are spared.
Regional Overview of Web Block Activity
frequently shift their base of operation, searching for weak
infrastructure from which they can launch their campaigns. By examining
overall Internet traffic volume and block activity, Cisco threat
researchers can offer insight on where malware is originating.
As Figure 22
shows, traffic from the United States edged up slightly from the block rates seen in the Cisco 2016 Midyear Cybersecurity Report
The United Stateshouses the far greater share of blocks, but this
should be considered a function of the country’s far greater share of
online traffic. In addition, the United States is one of the world’s
largest targets of malware attacks.
The takeaway for security
professionals: Much like the vertical web block activity, the regional
web block activity shows that malware traffic is a global problem.