In-brief: adoption of Internet of Things technologies puts a premium on the use of network segmentation to ensure connected devices don’t undermine the overall security of the network, according to Cisco’s Scott Harrell.
Here we find ourselves at the beginning of a new year, and I can’t resist looking ahead. As I observed in last month’s column, I’m an advocate for cyber security fundamentals. And, like any “fundamentalist,” I would like to assert that these security fundamentals won’t change. As for the Internet of Things as a whole, however, I believe that we are on the cusp of tremendous change. In the next year, I predict that many of the assumptions that have guided us in areas like networking, application development, data analysis and – yes – security will undergo major, and necessary, change. But to what? And from whom? That’s what I’d like to explore. This past December, I attended the inaugural weekend of CyberCamp, a three-day event in Madrid hosted by INCIBE and the Spanish government. In addition to having the honor of being one of the keynote speakers, I had the opportunity to speak with a […]
Recently, the Akamai Threat Research Team unveiled a unique distributed brute force attack campaign targeting nearly five hundred WordPress applications. What’s interesting about this campaign? It clearly demonstrates how Web attackers are becoming more sophisticated, attempting to evade security controls – specifically Web Application Firewalls (WAFs) and rate control protections. A Short Primer to Brute-Force Attacks Brute force Web attackers attempt to gain privileged access to a Web application by sending a very large set of login attempts, within a short period of time. Using volumetric single source of attack is easily mitigated by blacklisting. Today’s brute force attacks are typically characterized by volumetric attacks coming from distributed IPs. In this way, if the attacker’s source IP is detected, they can still continue with the attack campaign by switching a source IP. As part of this cat-and-mouse evolution, WAFs are enhanced with several rate control measures that detect and block […]
In the last year, the world’s attention has been riveted by a series of high-profile hacks of major corporations in retail, finance and the entertainment industry, among others. Each of these incidents is unique, involving different threat actors and motives. However, each of these attacks is also a sterling example of what we, at Cisco, term “multi-vector attack” that employs a range of technologies, deployed in numerous stages, to penetrate the defenses of the target organization. Here at Cisco, we have studied these attacks in-depth and have identified some commonalities among these multi-vector attack, and useful approaches to combat them. This blog post will discuss some of our findings. About Multi-Vector Attacks Any cyber attack, large or small is born from a weak link in the security chain. These weak links take many forms: poorly configured Web servers, gullible employees or vulnerable-but-common applications like Microsoft Office, Adobe Reader and Java are common examples. Multi-vector attacks […]
I really struggled to come up with a clever analogy to start this post. In doing so I realized that this exercise was itself, the exact problem I was trying to describe. So much conversation about cyber security, especially cyber security for the Internet of Things (IoT), focuses on the sexy, the complicated, the one-in-a-million. In doing so, we ignore the most common threats and basic attacks. I would like to argue that if we are to effectively defend ourselves in this new IoT world, we cannot ignore the fundamentals of security. But let’s be honest: the basics are boring. I know that. Many of the practices that are most important are also the ones we’ve heard about before. As we look at them: there isn’t anything new there. That’s true – but I take that as proof that they are sound practices, worthy of keeping top-of-mind, rather than old knowledge that can be discarded. Here’s […]