A network security team can only fight what it can see. An organisation’s network security depends on its ability to rapidly detect and respond to emerging threats across its infrastructure, whether that is a Tier 1 Operator, Enterprise or Cloud Provider. However, attack methods and strategies are constantly evolving, making threat detection an always-moving target. A good base to start from is understanding what types of threats may be lurking in your network; these threats look very different depending on the throughput of network traffic.
A Content Delivery Network or CDN is a system of distributed servers and nodes that delivers web content to a user, based on the geographical location of the user, the origin of the webpage and the content delivery service. The purpose of the CDN is to avoid the bottlenecks that would occur if every user tried to access content from one central location: the CDN replicates and redirects content so it is available to many users all at once. This ultimately improves user experience across multiple geographical locations (i.e. not just for those users who are physically closest to the server with the original content) and eases pressure on network infrastructure resources.
Cybercriminals are increasingly using application layer Distributed Denial of Service (DDoS) to attack their victims. Unlike a Layer 3-4 DDoS attack that consumes network bandwidth, an application layer or L7 attack can be much smaller in traffic volume and can go unnoticed until too late. This type of attack’s effectiveness lies in its ability to mimic genuine HTTP request traffic, usually going unnoticed until it is too late. Application layer attacks of this nature are often part of a wider multi-vector DDoS that looks to disrupt different parts of a victim’s infrastructure.
A UDP flood is a type of volume-based DDoS (Distributed Denial of Service) attack, where large numbers of UDP (User Datagram Protocol) packets are sent to a target server, limiting its ability to carry out its functions. Unlike TCP (Transmission Control Protocol), UDP traffic doesn’t require a three-way handshake to make a connection; it runs with lower overhead and is ideal for carrying data that doesn’t need to be checked and rechecked, such as VoIP. This means it is easier for attackers to generate large traffic volumes with tools like Low Orbit Ion Cannon (LOIC) and UDP Unicorn.
Steve is an experienced technical B2B cyber security specialist and Director. Steve is a frequent speaker on topics including security breaches, big data analytics, audit and compliance, and IT forensics.
Telecommunications providers are migrating data backbones to 100GbE to carry increasing traffic volume shared between multiple services and technologies such as mobile VoLTE, Virtual Network Functions (VNFs) and Software Defined Networking (SDN) infrastructure. Data is often exchanged through virtual tunnels, where threats can hide, making detection complex, decreasing network visibility and security.
Cyber criminals have been using DNS for malicious purposes successfully for years. Malware such as DNSChanger uses DNS to target high value data held by ISPs, CSPs, CDNs, Governments and Enterprise.
Everyone in the infosec community will agree that Intrusion Detection Systems (IDS) are an important component in any effective cyber security strategy, perhaps not the most press-worthy but integral to policing your network borders. Much like a burglar alarm, an IDS is timeless in its effectiveness in detecting and alerting that someone has breached perimeter security measures. However, IDS technology is not evolving at the pace it once did, but that doesn’t mean that there aren’t exciting innovations and changes happening.
If you enter ‘Big Data definition’ into any search engine, you will get the following result: ‘extremely large data sets that may be analysed computationally to reveal patterns, trends, and associations, especially relating to human behaviour and interactions’, or the Wikipedia result, which is ‘Big data is data sets that are so voluminous and complex that traditional data processing application software is inadequate to deal with them. There are three dimensions to big data, which are ‘Volume, Variety and Velocity’’.
FloCon 2018 is officially the first show of 2018 for Telesoft and is shaping up to be a research-driven, action-packed show highlighting next generation data analytics. The title of this year’s show is ‘FloCon: Using Data to Defend’ and we couldn’t agree more. You can only defend against what you can see and understand, unless of course you are a Jedi or some sort of otherworldly Mystic (if so, we will be in the main foyer on Booth #7; please drop by, we have questions!).
Sarah is an experienced B2B technology marketing professional, creating content for the Cyber Security, Telco and Government Infrastructure sectors.
on Wednesday, 13 December 2017. Posted in Cyber, Events
From the serial swag magpies and interesting/very amusing PowerPoint meme usage to the crazy, scary and sexy hacks, Black Hat Europe 2017 was exactly everything you come to expect from the Black Hat events team, so congrats for another great conference. Security experts from around the world shared groundbreaking research, open-source tools (did you see our very own Dom presenting Telesoft’s Open Source based CERNE IDS Platform on Thursday? He’s kind of a big deal now) and zero-day exploits.