Cisco 2014 Annual Security Report: Java continues to be most vulnerable of all web exploits

Original post is here eklausmeier.goip.de/blog/2014/01-19-cisco-2014-annual-security-report-java-continues-to-be-most-vulnerable-of-all-web-exploits.


Cisco provides a report on computer security which contains a number of key findings:

  1. Java comprises 91% of all web exploits.
  2. 99% of mobile malware targets Android.
  3. Java is the exploit that criminals choose first, since it delivers the best return on investment.
  4. In the aftermath of the [Boston Marathon bombing](https://en.wikipedia.org/wiki/Boston_Marathon_bombings "Boston Marathon bombings") two large-scale [spam](https://en.wikipedia.org/wiki/Email_spam "spam") campaigns commenced. Both campaigns carried subject lines about news bulletins. The links directed recipients to malicious iframes designed to infect visitors' computers.
  5. Global spam volume is dropping.
  6. Many users download mobile apps regularly without any thought of security.
  7. 64% of all malware categories are trojans.
  8. Most malware comes from online games.
  9. A steady decline in unique malware hosts and IP addresses suggests that malware is being concentrated in fewer hosts and fewer IP addresses.
  10. Brute-force login attempts increased threefold.
  11. Many CMS compromises can be traced back to plugins written in PHP that were designed poorly and without security in mind.
  12. The rise in cloud computing is undeniable and unstoppable. Cisco has projected that cloud network traffic will grow more than threefold by 2017.
  13. The reality is that it's no longer a matter of if attackers get in, but when.

Cisco used the following data:

  1. 16 billion web pages
  2. 93 billion e-mails
  3. 200,000 IP addresses
  4. 33 million endpoint files

I first read about this in eWeek.

Java security was in the press repeatedly in 2013; see for example:

  1. Alert (TA13-064A) Oracle Java Contains Multiple Vulnerabilities, an attacker could execute arbitrary code on a vulnerable system with the privileges of the Java plug-in process
  2. Critical vulnerability in current Java runtime environment, BSI recommends that Internet users disable Java (in German)
  3. Subject: Vulnerabilities in Oracle Java, these vulnerabilities are being actively exploited and widely distributed (in French)