The Community Health Care Cyber Attack has been well publicized. Heartbleed was one of the methods used to compromise the systems and capture the sensitive information. Not a lot has been published or released on who was affected, but there will be more.
Barrier1 will be presenting at the Indiana Career & Technical Education conference in Sept. This conference is attended by a wide variety of positions that make up today’s school systems for the State of Indiana. This conference brings together IT, Educators, and Administration. After all, network security is important for all positions. The more individuals are informed and understand network security, the more secure the organization.
SSH has both a good and a bad side. One of its key features is being used to compromise networks. “Port Forwarding” allows an innocent outbound connection to a remote SSH server to become a malicious inbound connection to your own network. A trusted connection can therefore become the conduit or entrance method into your network. This is additionally difficult to identify because SSH traffic is encrypted.
Barrier1 customers are protected.
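Because the tunnel itself is encrypted, one place a defender can still see port forwarding is in endpoint process-execution logs. The following is an added example, not Barrier1's code or part of the original post: it parses OpenSSH client command lines and reports any requested forward. The log layout, host names and addresses are constructed for illustration, and forwards set in `ssh_config` files or by other SSH clients are out of scope.

```python
import re
import shlex

ARG_OPTS = set("BbcDEeFIiJLlmOoPpQRSWw")  # ssh(1) options that take an argument
FLAGS = {"R": "remote", "L": "local", "D": "dynamic"}
KEYWORDS = {v + "forward": v for v in FLAGS.values()}  # -o RemoteForward etc.

def ssh_forwards(cmdline):
    """Return [(kind, spec)] for every port forward an ssh command line requests."""
    try:
        argv = shlex.split(cmdline)
    except ValueError:          # unbalanced quotes in the logged command
        return []
    if not argv or argv[0].rsplit("/", 1)[-1] != "ssh":
        return []
    found, i = [], 1
    while i < len(argv):
        arg, i = argv[i], i + 1
        if arg == "--" or len(arg) < 2 or not arg.startswith("-"):
            break               # destination reached; the rest is the remote command
        for pos, ch in enumerate(arg[1:], start=1):
            if ch not in ARG_OPTS:
                continue        # boolean flag (-f, -N, ...): keep scanning the cluster
            value = arg[pos + 1:]
            if not value and i < len(argv):
                value, i = argv[i], i + 1
            if ch in FLAGS:
                found.append((FLAGS[ch], value))
            elif ch == "o":     # -o "RemoteForward 8080 host:80" or -oRemoteForward=...
                parts = re.split(r"[=\s]+", value.strip(), maxsplit=1)
                if len(parts) == 2 and parts[0].lower() in KEYWORDS:
                    found.append((KEYWORDS[parts[0].lower()], parts[1]))
            break               # the option's argument ends this cluster
    return found

SAMPLE_LOG = (  # constructed records: timestamp, host, user, command line (tab-separated)
    "2014-08-20T09:14:02Z\tws-014\talice\tssh -p 2222 alice@build.example.org\n"
    "2014-08-20T09:15:40Z\tws-022\tbob\t/usr/bin/ssh -fNR 8443:localhost:443 bob@203.0.113.10\n"
    '2014-08-20T09:17:05Z\tws-031\tcarol\tssh -o "RemoteForward 8080 10.0.0.5:80" carol@198.51.100.7\n'
    "2014-08-20T09:18:11Z\tws-040\tdave\tssh dave@files.example.org ls -R /srv\n"
)

def flag_forwards(log_text):
    """Return (host, user, kind, spec) for each forward found in the log."""
    hits = []
    for fields in (line.split("\t", 3) for line in log_text.splitlines()):
        if len(fields) == 4:
            hits += [(fields[1], fields[2], k, s) for k, s in ssh_forwards(fields[3])]
    return hits
```

The last sample record shows why the parser stops at the destination: the `-R` there belongs to the remote `ls` command and is not reported.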
The basis of Context-Aware is to dynamically adapt to known patterns of behavior, device profile, and data classification. Intelligent Threat Management goes deeper into all 7 OSI layers and the relationship to each aspect. In addition, being effective and accurate on either system requires extreme depth in data analytics and data modeling. Bayesian alone is NOT enough.
TOR, sometimes referred to as Onion Routing, was designed to prevent others from learning about you. It hides your location, your habits and the sites you go to on the internet, and other attributes. It provides anonymity. Like all things built with good intentions, the very nature of TOR can be used by cyber criminals. Barrier1 inspects TOR networks and protects against them, as well as inspecting the traffic flowing through them.
New reports have shown that the average length of time a new and/or unpatched system lasts before being scanned or attacked has dropped drastically. In the last 15 months it dropped from 40 minutes to 18 minutes. This is not the end of this time compression. Many are now predicting, and finally talking about, polymorphic attacks: the ability to change code and attack vectors over a period of time to avoid detection by point solutions. This will also compress. Predictions are now being made that new worm variants known as Flash Worms will be able to infect within 30 seconds. In comparison, it took Code Red and NIMDA 20+ hours.
Recently, a new phishing scam included what appeared to be an email from AMEX. The content asked the reader to check/click a box to accept an agreement. Doing so would launch you to a site that had been infected. This infection would have been stopped, of course, if the spam email had not gotten through, but also if the website had been checked and inspected. URL filtering has a big role and needs to be a part of “Intelligence based solutions inspecting, analyzing, and reacting in All 7 OSI Layers Together.”
Today’s risks and attacks are different. They are more complex, faster, and carried out as a process. See Peter Stephenson’s June 2014 article in SC Magazine: http://www.scmagazine.com/mitigating-risk-is-not-as-simple-as-it-seems/article/346194/
In networking there is always the race to claim to be the fastest. Recently a 1 Terabit firewall was announced. As with all systems, make sure you know the testing metrics. In reality, with the correct system architecture, common processors can obtain this speed. The real issue is the interface cards and the ability to handle multiple functions under load. ASIC-based systems claim speed, but under the load of AV, AS, IDS, WAF, malware protection, and DDoS protection, their performance drops drastically.
It was once believed that to be safe you just needed to require and/or strengthen authentication. So, companies came up with 2 factor authentication. Today, cyber criminals have figured out how to get around it. Some of the same attributes are showing up here as well: 1. sheer volume, 2. sophistication of the attack, and 3. the ability to get around 2 factor authentication as part of a process. That process includes malware, rogue DNS, Android malware, phishing, spam, etc.
Barrier1 integrates its 2 factor authentication functions with the rest of the Intelligent Learning Platform. By using all components as sensors, Barrier1 uses key attributes to feed the on-board database, which is in turn used by the extensive suite of algorithms. These extensive and deep analytics deliver greater effectiveness and accuracy, all in real time.