Contact Us
back

Network Vulnerabilities

Published On: 
Jan 20, 2020

Barbara M. Hunt

Founder and Chief Executive Officer
145 Views    10 Comments

Barbara Hunt

Founder and CEO, NetAbstraction
Network Security
Cybersecurity
Virtualized Network

Are company CISOs (Chief Information Security Officers) aware of the vulnerabilities of the networks they are using to transmit valuable and proprietary data through their chosen communications networks?

Anyone directly using the Internet exposes their IP address, location and network identity. Any external connection used by your company is a potential source of attack on your data and systems. Even more problematic, typical networks are fixed, static and easily located. By the time you discover a network breach, you’ve already lost the battle. Your adversaries have found your network…they know who you are, where you are located and have harvested invaluable metadata for a future attack.

Since the advent of the Internet and worldwide connectivity, how we are all inter-connected has changed drastically, but the underlying network infrastructure has progressed little from what was implemented 50 years ago. Have you ever asked or questioned how your network connectivity is implemented? Is your network exposing potential cyber-attack vectors?

There is a 90% chance of someone knowing the exact routing of any particular data transmission.

What’s the Risk?

Reports of network and endpoint data exploitation are in the news almost daily:

  • “Attacker hit VPN firm Avast through its VPN”
  • “NSA warns VPN vulnerabilities exploited by nation-state hackers”
  • “DHS Alerts to Remote Vulnerabilities in Multiple VPN Applications”
  • “Capital One Reports Data Breach Affecting 100 Million Customers, Applicants”
  • “Top VPNs secretly owned by Chinese firms”
  • “Exclusive: China hacked eight major computer services firms in years-long attack”
…and on and on!
Attack Vulnerability

An Internet Exchange Point (IXP) is where Internet networks come together to peer or exchange traffic between their networks. Peering is a process by which two networks connect and exchange traffic. There are only a few large global peering points around the world.

Because of this limited and well-established topology for network transmissions, nation-states and organized crime, even individual hackers, prefer to target attacks at the closest router locations. These networks have become a huge malware transmission vehicle.  

Only 10% of malware is normally detected …90% of malware gets through.

Today’s Reality

Carriers are points of attack for adversaries in order to identify the carriers’ customers and as a point of attack for their network management data. Subscriber information located in data center/carrier records are a great source to help identify the specific circuit that is being used by the target customer.

Carrier network infrastructure is the single, most logical point of attack for any given target.  

As a result, users are open to the vulnerabilities of the carrier’s infrastructure; e.g. malware infested routers.

What to do?

Many enterprises aren’t even aware of the risks they are accepting with their endpoint and network configurations. Although risk managers implement very complex and expensive processes to mitigate all kinds of other enterprise risks, they often overlook their network vulnerabilities. Just as in any other risk mitigation policy, you need “insurance” against loss.

We all carry different types of insurance policies. Hopefully we never have to claim against them but when we do, they are there to help mitigate costs. The same is true with enterprise network risks…why wait to actually be attacked to then worry about how you are going to react and what the costs will be to your organization?

The Solution

Enterprises need to look beyond their current configurations and reactionary processes. NetAbstraction is unique in that the company provides a proactive foundation for smart enterprise privacy. By transparently distributing network communications within and across multiple clouds, and regularly churning the underlying network infrastructure, NetAbstraction effectively hides your enterprise’s network.

The dynamic shifting of communications across multiple commercial providers and use of multi-hop transport, make actual user information, origin location and identities a nearly impossible target to find for hackers, search engine optimization companies and other privacy threats. “If they can’t find you…they can’t attack you.”

Enterprises must start thinking about their networks proactively instead of reactively, and consider reducing their “network risk insurance” costs.


Featured Blogs

Corey Williams | Vice President, Marketing

CrowdStrike Becomes a Publicly Traded Company

June 12, 2019 - 5 mins
Corey Williams | Vice President, Marketing

CrowdStrike Becomes a Publicly Traded Company

June 12, 2019 - 5 mins
Corey Williams | Vice President, Marketing

CrowdStrike Becomes a Publicly Traded Company

June 12, 2019 - 5 mins
Corey Williams | Vice President, Marketing

CrowdStrike Becomes a Publicly Traded Company

June 12, 2019 - 5 mins
Related Content
Your title content goes here

It is a long established fact that a reader will be distracted by the readable.

Read More
Your title content goes here

It is a long established fact that a reader will be distracted by the readable.

Read More
Your title content goes here

It is a long established fact that a reader will be distracted by the readable.

Read More

Ad Space

Barbara Hunt

Founder and CEO, NetAbstraction

Barbara is a recognized expert in information and telecommunications technology and operations, based on her extensive experience in the Intelligence Community (IC). She is a sought-after speaker and presenter in the cyber communications market.

Related Content
Multiple Weaknesses in Industrial Control Systems Can Expose Organizations to Serious Risks

Protecting your system at the network level is the only effective way of mitigating Zero Day vulnerabilities.

READ MORE
“Chaos Is the Point”: Russian Hackers and Trolls Grow Stealthier in 2020

One expert told the Senate Intelligence Committee that Russia was “conducting the reconnaissance to do the network mapping. To do the topology mapping, so that you could actually understand the network, establish a presence so you could come back later and actually execute an operation.

READ MORE
Top VPNs secretly owned by Chinese firms

Nearly a third of top VPNs are secretly owned by Chinese companies, while other owners are based in countries with weak or no privacy laws, potentially putting users at risk, security researchers warn.

READ MORE

Subscribe

Sign up for the latest posts and updates from NetAbstraction.

Subscribe

Related Blogs

Category
Best practices for Mobile Device Security

This article appeared in Security Brief, New Zealand and is republished here with their permission.Mobile phones have a huge impact on the day-to-day lives and the way one communicates with the world.

Read More
Category
Watch Compelling Keynotes and Sessions from the Fal.Con for Public Sector Conference

rowdStrike’s first Fal.Con for Public Sector cybersecurity conference — held last week at the new International Spy Museum in Washington D.C. — brought together.

Read More
Category
ITProPortal: CrowdStrike Discusses Life Beyond Malware

This article, “Life Beyond Malware,” originally appeared on ITProPortal and is published here with their permission.

Read More
2020
NetAbstraction