The past year has been an exciting one for Cisco. We've made significant advancements across the board, including leading initiatives that support the expansion of the Internet of Everything. However, we know that with these new opportunities come new challenges, and we believe security needs to be as pervasive as the IoE itself. That's why in 2015 we expanded our focus to support security everywhere that threats might manifest themselves. We continued to invest in taking security beyond the traditional network perimeter to include data centers, branch offices, endpoints, applications, mobile devices and cloud.
In 2015, we announced new security offerings to help organizations of all sizes. We expanded our portfolio with new solutions such as Network as a Sensor and Enforcer, new services such as the Threat Awareness Service, and by announcing several strategic acquisitions, welcoming OpenDNS, Portcullis, and Lancope to the Cisco family.
Our increased commitment to security can also be seen in the numerous discoveries by our threat intelligence team, Talos. We made significant contributions such as creating decryption tools for new variants of ransomware and helping to cripple a massive international exploit campaign, which was making $60 million annually in ransomware alone.
Here were some of our biggest security highlights from 2015:
Security Everywhere
This year we announced security everywhere, which extends security beyond the traditional network perimeter, to include data centers, branch offices, endpoints, applications, mobile devices and cloud. We added new features and made changes to our solutions to offer a more integrated security architecture.
We launched Network as a Sensor and Enforcer, which allows organizations to increase threat visibility of suspicious traffic flows and enforce security policies to contain any threats faster.
We also introduced a new solution for small and midsize organizations and continued to extend our advanced malware protection (AMP) everywhere.
Security Everywhere Across the Extended Network
Extending Security Everywhere
Cisco Acquires OpenDNS
In August, Cisco completed the acquisition of OpenDNS, a company which offers advanced threat protection or any device, anywhere, anytime, in a cloud-delivered model.
The acquisition builds on Cisco’s Security Everywhere strategy, adding broad visibility and threat intelligence. The first API integration with other Cisco solutions was announced on the day of the completion of the acquisition, between the OpenDNS umbrella and Cisco AMP Threat Grid.
Cisco Announces Intent to Acquire OpenDNS
Cisco Completes the Acquisition of OpenDNS
OpenDNS Introduces IP-Layer Enforcement for Umbrella
Talos Threat Spotlight: Ransomware
Several threat actors are competing for a piece of the pie in the lucrative ransomware black market. Talos analyzed the rise of Cryptowall, after Cryptolocker was taken down, and the new features available in Cryptowall 3.0.
Talos also described TeslaCrypt, a new variant of ransomware, which seems to have been inspired by Cryptolocker. Talos was able to develop a tool to decrypt files that have been encrypted by this particular variant of ransomware.
Cryptowall 3.0: Back to the Basics
Threat Spotlight: TeslaCrypt – Decrypt It Yourself
Talos Threat Spotlight: Domain shadowing and Angler
Domain shadowing, a technique that exploits genuine domains to spread malware, was one of the areas that Talos researchers extensively monitored in 2015, with Angler being considered the best exploit kit in the market. Talos identified and helped damage a massive international Angler exploit kit campaign that was generating $60 million a year from ransomware alone. The campaign used hijacked registrant accounts to create several subdomains to serve malicious content.
Threat Spotlight: Angler Lurking in the Domain Shadows
Threat Spotlight: Cisco Talos Thwarts Access to Massive International Exploit Kit Generating $60M Annually from Ransomware Alone
Cisco Announces Intent to Acquire Lancope
In October, we announced our intent to acquire Lancope, a company that provides network behavior analytics, threat visibility and security intelligence and that has already been a part of Cisco’s security solutions for many years through a commercial relationship agreement. The acquisition complements other solutions such as OpenDNS, Portcullis and Neophasis in our plan to extend security everywhere.
