Cybercriminals are upping their game, capitalizing off aging back-end infrastructures to carry out a growing number of hacks and data breaches, according to a new report released today.
Some 92 percent of Internet-connected devices are running software “with known vulnerabilities,” according to survey data collected from more than 1,000 international IT decision-makers for Cisco’s annual security report. About 31 percent of those devices are “end of sale,” or no longer supported by the vendor that produced them.
That’s particularly troubling for systems in the federal government, which habitually failed to patch systems and until the summer – following the Office of Personnel Management data breach – did not regularly implement basic security measures such as multifactor authentication.
Perhaps as a result of a continued plethora of data breaches in 2015 – remember dating site Ashley Madison, health insurer Anthem or the Internal Revenue Service breach? – Cisco’s report indicates that top IT professionals are less confident in their security tools than year’s past.
Also, relevant to government agencies that contract with small and mid-size companies: The study indicates those companies tend to use fewer cyber defenses than large companies.
Such vulnerabilities could also put at risk small and mid-size business’ enterprise customers, as attackers may more easily penetrate their networks, the report concludes.
The report also suggests modern criminals aren’t wantonly hacking systems but rather structuring their breaches to secure a means to incur the most money possible. For more details, check out the report itself.