View Post

Building security into the IoT

In Blog post by Clavister Blog Staff0 Comments

The rapidly expanding Internet of Things (IoT) has ushered in some major cybersecurity challenges over the past few years. Indeed, we’ve known for some time now that security in the IoT is often severely problematic or even non-existent. 2016 saw the emergence of the giant Mirai botnet, which specifically targeted smart devices such as Internet-enabled digital video recorders (DVR) and surveillance cameras (CCTV). It was used to launch DDoS attacks of unprecedented scale, brought down Brian Krebs’ website in September and has since been used to target a whole range of organizations.  We blogged in January about the enormous impact a Mirai attack had on Deutsche Telekom, for example. The …

View Post

Gone phishing? How to educate employees about the risks of phishing emails

In Blog post by Clavister Blog Staff0 Comments

A comprehensive cybersecurity strategy incorporates multiple elements. Technology is one part of the picture, sure – you need the right tools, appliances, software and hardware in place to protect against malicious network access and to identify problems as they occur. But people are an equally important component. Employees make mistakes, and can be tricked into handing over the keys to the castle, allowing cybercriminals direct access to confidential data and protected systems. The Chief Information Security Officer at the Department for Homeland Security (DHS) in the US recently stated that the biggest security threat they face is spear phishing – that is, employees being targeted with highly personalized emails that …

View Post

A more competitive edge: Clavister partners with Aptilo for edge computing

In Blog post by Clavister Blog Staff0 Comments

One of the major challenges of the ever-expanding Internet of Things (IoT) for businesses is the question of how to deal with the rapid growth of endpoint devices in a typical enterprise IT architecture. Latency and bandwidth limitations mean that applications with real-time requirements are increasingly likely to fail, because traditional architectures simply cannot cope with the increased demands. This is where ‘edge computing’ comes in. It’s a way of meeting these increased networking demands by providing data, applications and services locally or at the network edge using SDN/NFV technologies. From a security point of view, this means moving services like intelligent policy enforcement to the network edge. Now, Clavister …

View Post

Of BYOD, AI and you

In Blog post by Sam Coleman0 Comments

How do artificial intelligence and endpoint security equal the latest way to stop the nastiest threats out there – ransomware, identity theft and DDoS? It all started with our liberation… Oh, how our work lives have changed over the space of the last few decades. You came to work, you logged onto the company PC that was chained to your desk, one that was ported to the on-premises company network, overseen by the diligent and friendly company IT administrator. You went home, went on a trip and forgot to bring a document or a spreadsheet? Tough luck; you’re not connected to your office network probably and if you were, it …

View Post

A powerful vote for multifactor authentication

In Blog post by Clavister Blog Staff0 Comments

Now that the dust is settling after the U.S. Presidential election, it’s worth looking back at one of the most controversial issues that happened during the run-up to the election itself – and at how that issue might never have happened, if the parties involved had been using the appropriate cybersecurity measures. The issue started in March 2016 when the personal Gmail account of John Podesta, chairman of Hillary Clinton’s 2016 U.S. presidential campaign was hacked following a spear-phishing attack.  The hackers stole several thousand emails, many of which pertained to Clinton’s election campaign activities, and these were passed to Wikileaks, which published them in early October, ahead of the …

View Post

How virtualized security will transform telcos’ networks

In Blog post by Clavister Blog Staff0 Comments

As communications service providers (CSPs) transform their businesses to deliver next-generation connectivity and services, they are embracing virtualization, to take advantage of optimized network efficiency, greater agility and the opportunity to create new revenue streams – all of which can be done easier and quicker in virtualized environments. One of the key drivers is the transition to 5G, and enabling IoT environments that will require cost-effective and flexible solutions if they are to be commercially feasible.  5G is all about high performance and low latency, which will require more distributed environments, closer to the end user.  The same is true for IoT, with millions of connected devices to the network …

View Post

Securing critical infrastructure against … squirrels

In Blog post by Clavister Blog Staff0 Comments

Sophisticated cybercriminals and nation-state attackers.  Out-of-date hardware and software.  Weaponized malware.  Disgruntled ex-employees. Careless current employees.  We’re all familiar with some of the potential cyber-risks to critical infrastructure and networks.  But what about squirrels? Yes, squirrels. Recent research has shown that more than 1700 power cuts affecting nearly 5 million people since 2013 were directly attributable to animals damaging power lines, leading to outages.  Squirrels came top of the list, responsible for an impressive 879 of these ‘attacks’ by gnawing through electricity cabling around facilities.  The researcher behind the project said he started tracking these issues in an attempt to dispel some of the hype around cyberattacks made by individuals …

View Post

You can bank on GeoIP blocking to help stop DDoS attacks

In Blog post by Clavister Blog Staff0 Comments

Online banking services at the major UK bank, Lloyds, were intermittently disturbed over a two-day period recently. At various times, different sets of customers were unable to access their accounts.  However, no sensitive data was accessed, and no funds were stolen.  On the scale of damaging cyberattacks, it didn’t appear to be too problematic. But the outward calm masked frenetic activity behind the scenes, in Lloyds’ IT security team, as the service interruptions were due to a massive distributed denial of service (DDoS) attack, part of a broader campaign by a sophisticated gang of cybercriminals. Halifax and Bank of Scotland were also targeted.  By flooding the banks’ computer systems with …

View Post

Password protected?

In Blog post by Clavister Blog Staff0 Comments

Ask the average person in the street for a basic element of cybersecurity and ‘passwords’ will likely come up pretty quickly. If you press them to explain what a ‘strong’ password is, and even the least computer literate tend to have an understanding of the importance of choosing hard-to-guess options, containing a mixture of characters, and of not reusing the same password between different accounts. However, ‘understanding’ is not the same as ‘practicing’, however. And new research has revealed that many people are still using predictable, easily-guessed or otherwise weak combinations. According to the research, the top passwords of 2016 were ‘123456’, ‘qwerty’ and ‘111111’, with more than half of …

View Post

Fake news – but real threats

In Blog post by Clavister Blog Staff0 Comments

Russian agents have launched a cyberattack on the power grid in the US!  That was the message of a somewhat alarming news story that recently hit the headlines.  As Reuters put it, ‘malware associated with Russian hackers has reportedly been detected within the system of a Vermont electric utility.’  Yet days later, the story was debunked as something of an exaggeration. Far from being a sophisticated, deliberate cyberattack, it seems that an employee at the Burlington Electric Department simply logged on to check his email and connected to a potentially suspicious IP address – an IP address that is not always linked with malicious activity anyway. So we can all …