Are company CISOs (Chief Information Security Officers) aware of the vulnerabilities of the networks they are using to transmit valuable and proprietary data through their chosen communications networks?
Anyone directly using the Internet exposes their IP address, location and network identity. Any external connection used by your company is a potential source of attack on your data and systems. Even more problematic, typical networks are fixed, static and easily located. By the time you discover a network breach, you’ve already lost the battle. Your adversaries have found your network…they know who you are, where you are located and have harvested invaluable metadata for a future attack.
Since the advent of the Internet and worldwide connectivity, how we are all inter-connected has changed drastically, but the underlying network infrastructure has progressed little from what was implemented 50 years ago. Have you ever asked or questioned how your network connectivity is implemented? Is your network exposing potential cyber-attack vectors?
There is a 90% chance of someone knowing the exact routing of any particular data transmission.
Reports of network and endpoint data exploitation are in the news almost daily:
An Internet Exchange Point (IXP) is where Internet networks come together to peer or exchange traffic between their networks. Peering is a process by which two networks connect and exchange traffic. There are only a few large global peering points around the world.
Because of this limited and well-established topology for network transmissions, nation-states and organized crime, even individual hackers, prefer to target attacks at the closest router locations. These networks have become a huge malware transmission vehicle.
Only 10% of malware is normally detected …90% of malware gets through.
Carriers are points of attack for adversaries in order to identify the carriers’ customers and as a point of attack for their network management data. Subscriber information located in data center/carrier records are a great source to help identify the specific circuit that is being used by the target customer.
Carrier network infrastructure is the single, most logical point of attack for any given target.
As a result, users are open to the vulnerabilities of the carrier’s infrastructure; e.g. malware infested routers.
Many enterprises aren’t even aware of the risks they are accepting with their endpoint and network configurations. Although risk managers implement very complex and expensive processes to mitigate all kinds of other enterprise risks, they often overlook their network vulnerabilities. Just as in any other risk mitigation policy, you need “insurance” against loss.
We all carry different types of insurance policies. Hopefully we never have to claim against them but when we do, they are there to help mitigate costs. The same is true with enterprise network risks…why wait to actually be attacked to then worry about how you are going to react and what the costs will be to your organization?
Enterprises need to look beyond their current configurations and reactionary processes. NetAbstraction is unique in that the company provides a proactive foundation for smart enterprise privacy. By transparently distributing network communications within and across multiple clouds, and regularly churning the underlying network infrastructure, NetAbstraction effectively hides your enterprise’s network.
The dynamic shifting of communications across multiple commercial providers and use of multi-hop transport, make actual user information, origin location and identities a nearly impossible target to find for hackers, search engine optimization companies and other privacy threats. “If they can’t find you…they can’t attack you.”
Enterprises must start thinking about their networks proactively instead of reactively, and consider reducing their “network risk insurance” costs.
Barbara is a recognized expert , information, and telecommunications technology and operations, based on her extensive experience in the Intelligence Community (IC). She is a sought-after speaker and presenter in the cyber communications market.
Protecting your system at the network level is the only effective way of mitigating Zero Day vulnerabilities.READ MORE
One expert told the Senate Intelligence Committee that Russia was “conducting the reconnaissance to do the network mapping. To do the topology mapping, so that you could actually understand the network, establish a presence so you could come back later and actually execute an operation.READ MORE
Nearly a third of top VPNs are secretly owned by Chinese companies, while other owners are based in countries with weak or no privacy laws, potentially putting users at risk, security researchers warn.READ MORE
Sign up for the latest posts and updates from NetAbstraction.
This article appeared in Security Brief, New Zealand and is republished here with their permission.Mobile phones have a huge impact on the day-to-day lives and the way one communicates with the world.Read More
This article, “Life Beyond Malware,” originally appeared on ITProPortal and is published here with their permission.Read More