Spike in cyber attacks targeting Cisco Webex

Network attacks exploiting a vulnerability in the Cisco Webex Chrome extension grew by more than 70 times in the past year, a report reveals.

The vulnerability was first disclosed and patched in 2017, and while attacks exploiting it were almost non-existent in early 2018, there was a huge uptick in the last quarter of the year, according to Watchguard’s latest Internet security report.

The report, based on anonymised Firebox Feed data from more than 42,000 active WatchGuard UTM appliances worldwide, also shows that phishing campaigns saw a dangerous increase in sophistication, with new attacks using advanced methods.

These include threatening to release recordings of users visiting adult content online, customising emails for specific targets and creating fake banking login web pages.

Based on data from tens of thousands of active WatchGuard Firebox appliances around the world, a new sextortion phishing attack was the second-most common attack detected in the fourth quarter of 2018. It accounted for almost half of the unique malware hashes detected, because the email phishing message is tailored to each recipient.

The message claims the sender has infected the victim’s computer with a Trojan and recorded them visiting adult websites, threatening to send these compromising images to their email contacts unless they pay a ransom.  

“There was a noticeable increase in advanced phishing attacks targeting high-value information,” said Corey Nachreiner, chief technology officer at WatchGuard Technologies.

“Now more than ever, it’s vital for businesses to take the layered approach to security and deploy solutions that offer DNS [domain name system]-level filtering designed to detect and block potentially dangerous connections and automatically refer employees to resources that bolster phishing awareness and prevention.”

According to Nachreiner, a combination of security controls and human training will help businesses avoid phishing attacks.