Archive for the ‘General’ Category

To capture or not to capture? Why that’s no longer a valid question

In the last week both Symantec and IBM have released their annual security surveys which provide rich insight into the volume and range of security attacks circling the Internet.

As expected, Symantec Corp in their ‘Internet Security Threat Report’ highlighted a massive increase in threat volume (286 million new threats last year), accompanied by several new ‘megatrends’ in the threat landscape. The report highlights increases in both the frequency and sophistication of targeted attacks on enterprises; the continued growth of social networking sites as an attack distribution platform; and a change in attackers’ infection tactics. In addition, the report explores how attackers are exhibiting a notable shift in focus toward mobile devices.

Specifically, Symantec identified attacks such as Hydraq and Stuxnet as posing a growing threat to enterprises in 2010. To increase the likelihood of successful, undetected infiltration into the enterprise, an increasing number of these targeted attacks are leveraging zero-day vulnerabilities to break into computer systems. As one example, Stuxnet alone exploited four different zero-day vulnerabilities to attack its targets. While the high-profile targeted attacks of 2010 attempted to steal intellectual property or cause physical damage, many targeted attacks preyed on individuals for their personal information. For example, the report found that data breaches caused by hacking resulted in an average of more than 260,000 identities exposed per breach in 2010, nearly quadruple that of any other cause. At Endace, we see the prevention of data loss as being a key driver of technology investment over the next 12 months as organisations start to really understand the reputational damage caused when private customer data goes public.

NSS IPS tests show average block rate only 57%

NSS Labs conducted a test of multiple IPS solutions from 7 well-known vendors in Q4 2009. Their full report is available for purchase here (if you are interested in a copy of the full report, let us know, as we’ve still got a limited number to give away and we’ve also negotiated a special deal for “friends of Endace”).

The NSS testing revealed issues with IPS performance that tally with our experience in the field, and which we felt were important for people to know about. So, with agreement from NSS, we’ve just released a graph (anonymised) from the NSS IPS testing. It shows that, even with tuned rule-sets, the average block-rate performance of the IPS solutions tested was just 57%.

Endace Probe 3.7.1 Release

We’re happy to announce that the Endace Probe 3.7.1 Release is now available for existing customers from the Endace support site and will be available on newly factory shipped systems from May 17.

This release is primarily a bug fix release with further improvements to Endace Analytics via the latest 2.2 version of CACE Pilot. This release also provides support for the legacy 200/2000 and 500/5000 Probe platforms, as well as full support for the new 3000 and 7000 Probe platforms. It also includes Endace Security Manager update 5.2.0.0, and support for 1GbE/10GbE mixed SKUs on the 7000 series.

10,000 DAG cards and 1000 Probes. An important milestone for Endace

We’re delighted to announce that we’ve just sold our 10,000th DAG card and our 1000th Probe. We’ve been selling our cards and Probes to government agencies, telcos and large enterprises all over the world since 2001 and, just like the networks we monitor, the business just keeps going faster.

Mike Riley, our Chief Executive, puts the rapid rate of adoption down to “the market’s growing realisation that 100% guaranteed packet capture is the foundation layer on which the best monitoring, surveillance, security and latency measurement systems are built, and that without a completely accurate baseline organisations are realising that they are just guessing”.

Anatomy of a Conficker Infection

Rob O’Neil published a great article last week in Computerworld entitled ‘Anatomy of a Conficker Outbreak: Waikato District Health Board’.

The Conficker outbreak actually happened right at the end of last year and we tweeted it at the time, but it’s only now that the full facts behind the outbreak are public.

The story is another classic case of an organisation only being as secure as the least secure point in its network. The report cited faulty software, aging systems, complexity and a lack of full network control as contributing factors. The outbreak caused some areas of the DHB to be shut down for two days, and the system responsible for the outbreak (the parking system) is still quarantined from the main network.

Leaky Ministry

An article in the New York Times Science section published earlier this week (5th April) caught our attention, as it powerfully illustrates the need for capture, analysis and intrusion detection on government networks.

The article exposes the activities of a China-based computer espionage gang that has been stealing highly sensitive information from the Indian Defence Ministry. The report was issued by researchers at the Munk School of Global Affairs at the University of Canada and makes fascinating reading for a whole variety of reasons.

Coda Research predicts huge growth in mobile data

As smartphones like the iPhone and Android take over the mobile Web, the amount of data traffic going over cellular networks is expected to grow 40-fold over the next five years. UK firm Coda Research Consultancy forecasts that in the U.S. alone mobile handset data traffic will grow from 8 terabytes/month this year to 327 terabytes/month in 2015. That amounts to a 117 percent compound annual growth rate.

A lot of that data will come in the form of mobile Web browsing, with the biggest contributor expected to be mobile video. By 2015, mobile video will account for 68.5 percent of all mobile data usage in the U.S. (or 224 terabytes/month). Coda estimates that 95 million mobile handset subscribers in the U.S. will be watching video on their phones in five years out of a total of 158 million mobile internet users.

Janet Napolitano talking our language

There’s now broad agreement amongst experts that the ‘community’ is best placed to help solve the problem of security because it has access to the largest pool of security talent and expertise on the planet. No one organisation can match the power of the Open Source community when it comes to understanding and documenting the security landscape, which explains why community-based open-source security engines have been adopted by governments, telcos and enterprises all over the world. In her keynote speech at RSA last month in San Francisco, Janet Napolitano echoed much of our thinking on the subject.