View Post

You can bank on GeoIP blocking to help stop DDoS attacks

In Blog post by Clavister Blog Staff0 Comments

Online banking services at the major UK bank, Lloyds, were intermittently disturbed over a two-day period recently. At various times, different sets of customers were unable to access their accounts.  However, no sensitive data was accessed, and no funds were stolen.  On the scale of damaging cyberattacks, it didn’t appear to be too problematic. But the outward calm masked frenetic activity behind the scenes, in Lloyds’ IT security team, as the service interruptions were due to a massive distributed denial of service (DDoS) attack, part of a broader campaign by a sophisticated gang of cybercriminals. Halifax and Bank of Scotland were also targeted.  By flooding the banks’ computer systems with …

View Post

Password protected?

In Blog post by Clavister Blog Staff0 Comments

Ask the average person in the street for a basic element of cybersecurity and ‘passwords’ will likely come up pretty quickly. If you press them to explain what a ‘strong’ password is, and even the least computer literate tend to have an understanding of the importance of choosing hard-to-guess options, containing a mixture of characters, and of not reusing the same password between different accounts. However, ‘understanding’ is not the same as ‘practicing’, however. And new research has revealed that many people are still using predictable, easily-guessed or otherwise weak combinations. According to the research, the top passwords of 2016 were ‘123456’, ‘qwerty’ and ‘111111’, with more than half of …

View Post

Fake news – but real threats

In Blog post by Clavister Blog Staff0 Comments

Russian agents have launched a cyberattack on the power grid in the US!  That was the message of a somewhat alarming news story that recently hit the headlines.  As Reuters put it, ‘malware associated with Russian hackers has reportedly been detected within the system of a Vermont electric utility.’  Yet days later, the story was debunked as something of an exaggeration. Far from being a sophisticated, deliberate cyberattack, it seems that an employee at the Burlington Electric Department simply logged on to check his email and connected to a potentially suspicious IP address – an IP address that is not always linked with malicious activity anyway. So we can all …

View Post

Why fee?

In Blog post by Sam Coleman0 Comments

As WiFi explodes in use and points of access, the challenge becomes how to secure users, manage data flow and even how to go from free to fee. Naturally, our world is defined by connectivity: we live and work on our broadband or 4G networks, our devices have become the steering wheel to drive on these digital fast lanes. But consider those roads for a moment. You have a mobile lane, a fast and untethered high speed freeway which gives the maximum convenience as it’s on your device, the signal spread over base stations through 4G (and soon 5G). But that convenience comes at a price (literally) as well as …

View Post

Joining forces to protect the Internet of Things

In Blog post by Clavister Blog Staff0 Comments

Being at the cutting edge of technological development and working closely with partners to drive innovation has always been a top priority for Clavister – especially in the Internet of Things (IoT) space.  We’re one of the founding and contributing partners for Intel’s IoT Innovation Centre in Stockholm, which opened in 2014. The ever-expanding IoT is changing the technology industry at an amazing pace. The analyst IHS has predicted that the number of devices connected to the IoT ecosystem will grow from 15.4 billion in 2015 to an enormous 30.7 billion in 2020. It’s no surprise, then, that organizations across a range of sectors are joining forces and collaborating to …

View Post

Another shot across the World War 3.0 bow?

In Blog post by Sam Coleman0 Comments

The expulsion and impending sanctions against Russia for cyberattacks on the 2016 presidential election make the new Cold War a few degrees hotter. It’s yet another development of World War 3.0 – the slow and steady march of nation state sponsored cyber conflict, as entities hit against digital and even critical infrastructures. US president Obama’s casting out of 35 Russian diplomats, accused of facilitating the cyberattack against the Democratic National Committee (DNC) as well as being part of the WikiLeaks dump of Clinton campaign manager John Podesta’s email, came after months of investigation into the cyber intrusions that experts – as well as 17 US agencies including the DHS, FBI …

View Post

2016: a year of cybersecurity incidents

In Blog post by Clavister Blog Staff0 Comments

As we approach the end of 2016, major media outlets have been quick to name it as one the worst years ever, in terms of bad news.  While the discussion about exactly how bad it is compared with previous years continues, it’s certainly been a significant year in terms of major cybersecurity stories.  Let’s look back at some of the most significant security stories from the past 12 months, and the lessons that can be drawn from them. Businesses being held to ransom Ransomware was the most prominent attack trend of 2016, with organizations from hospitals to the San Francisco Muni Metro falling victim to it. Cybercriminals have learnt that …

View Post

TTL=1 ?

In Blog post by Sam Coleman0 Comments

As IoT becomes a major threat surface from which malware, DDoS and other exploits emanate from, Clavister has a simple but powerful idea to make the Internet a safer place to live and work. In the IP protocol, each packet has a Time To Live counter, which counts down for every router it passes through – a mechanism for avoiding endless loops. When it reaches 0, the packet is discarded. So, if packets are sent out with a TTL of 1, they can’t go further than your local network. “What?”, you ask. Well, this single 35-year-old byte can help secure legions of IoT devices with very little effort. Read on! …

View Post

Clavister chosen to secure NTTBP’s country-wide WiFi network in Japan

In Blog post by Clavister Blog Staff0 Comments

NTTBP, the Japanese provider of carrier-grade, highly customized WiFi services, has chosen Clavister and its integrator partner MIRAIT to implement security on NTTBP’s extensive public Wi-Fi network which has over 220,000 access points across Japan.  It delivers high-density WiFi in stadiums and convention centers as well as a range of value-added services, and can be accessed using NTTBP’s free Japan Connected-free WiFi app, available from both Apple’s and Google’s app stores. To build the country-wide network, NTTBP partnered with dozens of Japanese municipalities (including Hiroshima and Kanazawa), retailers such as Seven-Eleven Japan and Bic Camera, and transport providers such as All Nippon Airways and Narita Airport. WiFi is recognized as …

View Post

Security lessons from the Deutsche Telekom cyberattack

In Blog post by Clavister Blog Staff0 Comments

Hundreds of thousands of Deutsche Telekom customers in Germany found themselves unable to access the internet recently, thanks to a massive cyberattack that attempted to infect around a million routers. The attackers were using Mirai malware, which attempts to hijack vulnerabilities in connected devices like routers, harnessing them to join the enormous global Mirai botnet. Then, as part of the botnet, those machines are used to launch attacks on other organizations, whether Distributed Denial of Service (DDoS) attacks to force them offline, flooding them with spam, or attempting to inject additional sophisticated malware and social engineering attacks. The bigger the botnet grows, the more damaging those attacks become. No less …