View Post

Another shot across the World War 3.0 bow?

In Blog post by Sam Coleman0 Comments

The expulsion and impending sanctions against Russia for cyberattacks on the 2016 presidential election make the new Cold War a few degrees hotter. It’s yet another development of World War 3.0 – the slow and steady march of nation state sponsored cyber conflict, as entities hit against digital and even critical infrastructures. US president Obama’s casting out of 35 Russian diplomats, accused of facilitating the cyberattack against the Democratic National Committee (DNC) as well as being part of the WikiLeaks dump of Clinton campaign manager John Podesta’s email, came after months of investigation into the cyber intrusions that experts – as well as 17 US agencies including the DHS, FBI …

View Post

2016: a year of cybersecurity incidents

In Blog post by Clavister Blog Staff0 Comments

As we approach the end of 2016, major media outlets have been quick to name it as one the worst years ever, in terms of bad news.  While the discussion about exactly how bad it is compared with previous years continues, it’s certainly been a significant year in terms of major cybersecurity stories.  Let’s look back at some of the most significant security stories from the past 12 months, and the lessons that can be drawn from them. Businesses being held to ransom Ransomware was the most prominent attack trend of 2016, with organizations from hospitals to the San Francisco Muni Metro falling victim to it. Cybercriminals have learnt that …

View Post

TTL=1 ?

In Blog post by Sam Coleman0 Comments

As IoT becomes a major threat surface from which malware, DDoS and other exploits emanate from, Clavister has a simple but powerful idea to make the Internet a safer place to live and work. In the IP protocol, each packet has a Time To Live counter, which counts down for every router it passes through – a mechanism for avoiding endless loops. When it reaches 0, the packet is discarded. So, if packets are sent out with a TTL of 1, they can’t go further than your local network. “What?”, you ask. Well, this single 35-year-old byte can help secure legions of IoT devices with very little effort. Read on! …

View Post

Clavister chosen to secure NTTBP’s country-wide WiFi network in Japan

In Blog post by Clavister Blog Staff0 Comments

NTTBP, the Japanese provider of carrier-grade, highly customized WiFi services, has chosen Clavister and its integrator partner MIRAIT to implement security on NTTBP’s extensive public Wi-Fi network which has over 220,000 access points across Japan.  It delivers high-density WiFi in stadiums and convention centers as well as a range of value-added services, and can be accessed using NTTBP’s free Japan Connected-free WiFi app, available from both Apple’s and Google’s app stores. To build the country-wide network, NTTBP partnered with dozens of Japanese municipalities (including Hiroshima and Kanazawa), retailers such as Seven-Eleven Japan and Bic Camera, and transport providers such as All Nippon Airways and Narita Airport. WiFi is recognized as …

View Post

Security lessons from the Deutsche Telekom cyberattack

In Blog post by Clavister Blog Staff0 Comments

Hundreds of thousands of Deutsche Telekom customers in Germany found themselves unable to access the internet recently, thanks to a massive cyberattack that attempted to infect around a million routers. The attackers were using Mirai malware, which attempts to hijack vulnerabilities in connected devices like routers, harnessing them to join the enormous global Mirai botnet. Then, as part of the botnet, those machines are used to launch attacks on other organizations, whether Distributed Denial of Service (DDoS) attacks to force them offline, flooding them with spam, or attempting to inject additional sophisticated malware and social engineering attacks. The bigger the botnet grows, the more damaging those attacks become. No less …

View Post

Tele2 goes all in on SDN/NFV

In Blog post by Sam Coleman0 Comments

A bold transformation is happening in the telco space, a shift that is – in many ways – as substantive as the shift from GPRS to 3G and all that’s subsequently come after. As the telco carriers see the 5G horizon coming at them, a few pioneers are quickly realizing that the future is an SDN/NFV one, that the prize on the horizon is virtual that allows unparalleled performance, Opex and Capex reduction and a fully scalable multi-core environment. The end of Big Iron appliances is here and for these visionary telcos – tired of rip and replace – it’s not soon enough. Tele2, one of the biggest telco operators …

View Post

What will the Trump administration mean for IT security?

In Blog post by Clavister Blog Staff0 Comments

We all know that people running for political office will make many promises that they have no intention of ever fulfilling.  But a key battleground of the recent US presidential election was related to cybersecurity:  Hillary Clinton’s emails, the FBI versus Apple, hacking the Democratic National Party and more. So what does the Trump administration mean for enterprise security, and the cybersecurity industry? “So we have to get very, very tough on cyber and cyber warfare,” is the closest we got from Trump during debates.   But given his vocal position on forcing Apple to crack the encrypted iPhone used by the San Bernardino shooter, it’s not unreasonable to expect him …

View Post

The end of ‘Big Iron’ security appliances for communication service providers: new guide

In Blog post by Clavister Blog Staff0 Comments

As Communications Service Providers (CSPs) look to take advantage of the elastic scalability that virtualization offers, it’s critical that they build security into these new network environments, to protect their infrastructure and subscriber data against threats. Gartner believes CSPs can anticipate Opex reductions of 60% and Capex reductions of 40%* with the adoption of SDN/NFV infrastructures, as well as introduce valuable new services such as Software-Defined WAN and virtual CPEs. Gartner also claims CSPs looking to deliver new digital services and service enhancements, such as on-demand virtual VPN services for enterprises, will find that SDN and NFV can drive robust revenue from these sources, thanks to vastly improved operational efficiency …

View Post

Lessons from the Liberian DDoS attack

In Blog post by Clavister Blog Staff0 Comments

A massive DDoS attack has compelled the Liberian authorities to request assistance from the UK and the US in securing the country’s IT infrastructure.  While the attack did not take down the country’s entire Web access, nor affect the African Coast to Europe (ACE) submarine fibre cable which links Liberia to the wider internet as some initial media reports suggested, it did bring down the country’s Lonestar MTN internet service provider, which is responsible for about 60% of the country’s network.  What’s more, the outage lasted for around two weeks – far too long for individuals and businesses alike. The source of the attack has not been confirmed, but suspicions …

View Post

Was the Tesco Bank heist an inside job?

In Blog post by Clavister Blog Staff0 Comments

Millions of pounds have been stolen from the accounts of 9,000 Tesco Bank customers, in what the company’s chief executive has called ‘a systematic, sophisticated attack’.  That’s nearly 7% of the bank’s 136,000 current accounts, with suspicious activity tracked across another 40,000 (30%). And the amounts of money stolen weren’t all small either:  2,400 UKP was the largest amount taken from a single customer. This attack is of course, not the first on a major bank and it is unlikely to be the biggest in terms of losses, either – these are currently estimated at around 2.5million UKP.  What does make the attack unusual is the sheer number of consumer …