Cisco Systems, Inc. (NASDAQ:CSCO) Chief Security and Trust Officer John Stewart said in a discussion with Cory Johnson on Bloomberg West that email spammers are actually becoming more cunning in their quest to successfully deliver email and execute an attack.
The Cisco Systems, Inc. (NASDAQ:CSCO) executive said that as cyber security has been more frequently put at the forefront because of high-profile attacks such as the one suffered by Sony last month, attacks are increasingly getting the attention of the management teams of companies because of how much is at stake and how damaging these attacks can be.
However, he also talked about how attacks are changing as a response to heightening security measure of companies and people being more aware of their habits. One such change is in email spam, he noted.
“The technique being used to deliver [spam email] actually changed last year and as a quantity, it actually went up by 250% which changed the entire modality of getting to you as the user,” Stewart said.
Stewart said that the technique they in cyber security used to see is that spammers send out tons of emails and if one goes through, that’s enough. He said that as a response, experts have built reputation systems that clearly say that those kinds of emails coming from those kinds of places should be blocked.
“What happened last year was this idea that I’m going to send three or four emails from a thousand different sites – very small, very low, very difficult to detect because they are not hitting that volume attack and they’re not even coming from, in some cases, those bad, known addresses or bad sites that are typically generating [these emails]. So now it gets to the user,” the Cisco Systems, Inc. (NASDAQ:CSCO) executive said.
Once these emails get to the user, Stewart said, the game is on. If people click on the links in these emails, they may unwittingly be involved in getting an attack to their organization through.
Furthermore, the Cisco Systems, Inc. (NASDAQ:CSCO) executive said that organizations should recognize that there are different types of attacks. Most attacks are because of money. Some are about getting information like personally identifiable information or intellectual property. He added that some attacks are about disruption while some aim to change a business operation negatively.
The comments by Stewart is somewhat echoed in comments made by Cisco Director of Security Terry Greer-King who said in a recent interview that the latest broadening attack vector are the employees of companies.
Cisco Systems, Inc. (NASDAQ:CSCO) shareholders includes Donald Yacktman’s Yacktman Asset Management which reported ownership of about 12.22 million shares of the technology company by the end of the third quarter of this year.