Carriers see security as a vital component of their five-year strategies and expect to increase spending on security in 2018, according to the Telecoms.com Annual Industry Survey 2017. Is security a good business opportunity for carriers?
Carriers providing value-added services need to protect both their network infrastructure and their end-customers from internet threats. New threats are constantly emerging, but remodeling your security architecture to address each new threat may leave gaps in your security coverage. Bolting on third-party products to fill gaps isolates your core architecture from change but creates complexity and management challenges such as multiple operating consoles and data integration barriers. Are carriers fighting a losing battle?
With IoT on the rise, consumers are rightfully afraid of privacy invasions. But infected devices can serve far more sinister purposes. Here we break down the ways a botnet works.
We just conducted our monthly Cyber Insider discussion, this time focusing on what deep analysis of new core domains reveals about new threats and zero-day malware. As a company that processes 1.7 trillion DNS queries a day and analyzes 100 billion queries a day from our global service provider customers, we are in a unique position to gain insights.
For many years ISPs in certain parts of the world have been required by their regulators/governments to redirect certain websites that were deemed malicious or suspicious. DNS offered a straightforward way to do this; and Nominum, being a DNS company, developed an early mechanism using a DNS zone file that made it simple for ISPs to comply. The technology was originally named “Malicious Domain Redirection” (MDR), and it basically allowed DNS server operators to perform a single action for a given domain name. Actions could be categorized so that each action or redirection did not have to be repeated.
The rising cost and complexity of today’s evolving cyberattacks require organizations to take a new approach to cybersecurity – one that blocks threats and malicious sites at the network level and is characterized by a closed loop model. This is particularly true for the small and medium-sized business (SMB) market, where cost constraints and limited security expertise leave Main Street businesses around the globe vulnerable to ransomware and other damaging malware.
Ransomware has changed a lot since it was introduced back in 1989 by Dr. Joseph Popp, when 20,000 floppy disks were distributed via snail mail. The malware hid files on a victim’s hard drive and encrypted only the file names, rather than the entire files themselves. As one might assume, the entire remediation process was manual, rather than digital. Popp’s program asked victims to print the ransom note and send $189 to a bank in Panama. When he was caught, he was determined unfit to stand trial. All the money he obtained was donated to AIDS research.
As has been widely reported, a new ransomware known as ‘petya’ (also being referred to as ‘notpetya’ or ‘petwrap’ in the research community) started circulating on the internet earlier this week. It appears the attacks started in Eastern Europe and caused widespread damage around the globe.
In my last blog post, part 1 of this series, I discussed the important role DNS plays in protecting service provider networks from DNS amplification attacks, and the necessity of not only blocking malicious queries but also of not blocking good queries. In this post, I’ll look at Pseudo-Random Subdomain (PRSD) attacks and other malware (like phishing and ransomware), showing why DNS is perfectly suited to protect both networks and subscribers.