The Holidays Bring Both Cheer and Fear to Network Administrators

Almost one year ago to the day, the “most wonderful time of the year” became anything but for millions of Americans when news of the Target data breach broke. Not only did that attack force us all to think twice about how our digital information is managed, it forever changed the network security landscape and put IT administrators in a perpetual state of high alert. This holiday season, having suffered through a full year of attack after attack, network administrators have battened down the hatches even further, living in constant fear that their organization could become the next target of hackers.

The silver lining is that these attacks have forced IT departments to re-evaluate their internal security policies, and to at least raise awareness of how crucial the infrastructure necessary to protect their organizations is, if not actually put it in place. But despite now having a better understanding of the landscape of cyberthreats and vulnerabilities, as well as having shored up their cyber defenses, IT departments must remain vigilant towards the potential cyberthreats lurking in the shadows this holiday season. From the new technologies employees receive as gifts, to the vulnerabilities that could arise from employees accessing the corporate network remotely, there’s plenty for network administrators to be preoccupied by this time of year.

New Gifts, New Threats?

For a few holiday seasons now, mobile devices, Internet of Things trinkets and wearable technology have been at the top of consumer gift lists. They’re popular nearly to the point of ubiquity, which is actually bad news for the network administrators who have to account for employees connecting these...

What Network Security Lessons Can We Learn from the Sony Attack?

Hollywood is a place that can be driven mad by star-studded gossip, where the talk of the town is rarely private and where people are accustomed to their secrets not staying secret for very long. Yet, this state of play hasn’t made it any easier for the victims of last month’s cyberattack against Sony, carried out by shadowy assailants calling themselves the Guardians of Peace.

As the public knows by now, it seems as though the attackers spared nothing in their initial leak of 27 gigabytes worth of data. They released the type of information that seems to be exposed after seemingly every corporate hack, from the personal information of employees to the company’s classified assets, which in this case even included the script for an upcoming James Bond film. But that wasn’t all. They also exposed the kind of information unique to an entertainment giant like Sony – the lurid Hollywood gossip, revelations of celebrity aliases and even off-the-record studio executives’ opinions about some of today’s box office smashes.

Sony’s Imperfect Network Security History

So how could this have happened? Although the finger-pointing has been ongoing since the attackers revealed themselves to Sony employees at the end of November, what’s clear is that the malware used by the Guardians of Peace was undetectable by antivirus software, and, as is often the case with attacks as broad as these, human error within Sony – passwords that were both easy to crack and stored in a file directory marked “passwords” – may also have been a factor. Unfortunately, these aren’t new criticisms of the company. Sony’s network security defenses, from...

The Trouble with the Endpoint

Much to the dismay of network administrators, IT security today is complex and multi-faceted, from the varied attack vectors to the different types of attackers themselves. But there is always one constant: the endpoint. When those endpoints are attacked, and end users cannot access services, data and applications, it is futile for a business to even host and offer them. The client, that is the device, not the human being using it, has undergone enormous changes over the last decade, thereby putting the burden on IT professionals to evolve their networks accordingly. The PC, with Windows 95, was the starting point. Next came myriad Microsoft operating system updates, followed by new form factors like tablets and smart phones, which introduced a whole new dimension. With each new client, the applications changed as well. Browsers and apps opened up unfamiliar, sometimes encrypted, and sometimes proprietary, data channels, from the Internet right down to the file system. And of course, attackers have kept track of those changes and adapted their methods accordingly over the years. To cope with these ever-evolving forms of attack, network administrators developed innovative defense mechanisms. Classic anti-virus tools were followed by sandboxes that tried to detect and block malware by offering these programs a limited, simulated runtime environment. The most recent approach uses micro-VMs, which try to contain malware within the kernel process level. Additionally, businesses now use a whole arsenal of security measures, ranging from the humble password to two-factor authentication, firewalls and encryption, to name but a few. And nothing is wrong with these measures. After all, an endpoint that uses anti-virus software is better...