Feeds

Been hacked? Don't dial 999: The plods are too dense, sniffs sec bigwig

'The problem is too big for the authorities to handle'

Protecting against web application threats using SSL

Police are powerless to stop super-smart criminals from hacking the world's biggest companies, a top-ranking security bod has warned.

Juniper Networks' security chief said there was simply no longer any point in calling the police when hackers and DDoSers came to call, because the cops can't do anything. He wants to see a world where big firms share information about potential targets and stop them before any damage can be done.

Henrik Davidsson, the firm's EMEA director of security, said: "The problem is too big for the authorities to handle, playing into the hands of the cyber criminals. Additionally there are complications with the global complexity that hacking presents. Who is responsible if a hacker based in Asia attacks a European company? We’ve simply reached a stage where the IT security industry needs to be able to protect itself."

Davidsson made the comments while telling El Reg about Juniper's new "next generation data centre security" system, which now incorporates anti-DDoS defence systems. We visited Juniper's Dutch testing lab, where they show off their latest data centre and networking technology.

Amsterdam is, of course, famous for two things - and neither were on offer at Juniper Networks' Dutch outpost. Instead the big data shifting bods wanted to show off their sexy racks, although not in the way that most visitors to the city would understand.

Money is not discussed in the Juniper Proof of Concept lab, where customers - and the nerdier type of journalist - come to coo over various bits of data centre gubbins. Which is just as well, because with prices stretching into the tens of thousands of euros, this is not a place for the casual shopper.

Juniper told us their new data centre security system offers a four-pronged manner of repelling hackers and DDoS assaults.

The system allows companies to collect the "fingerprints" of individual hackers, by building up a picture of the attacker based on 200 characteristics, including browser settings, time zone and even fonts. This allows for the blocking of individual devices, a more sophisticated form of defence than simple IP blocking.

The newest part of this system is called DDoS Secure, which Juniper claims is capable not only of repelling traditional large-scale DDoS attacks, but also the newer “low and slow” attacks, which use slow, small-scale traffic to bypass security and bring down servers.

DDoS Secure monitors incoming and outgoing traffic, learning which IP addresses and devices can be trusted. It can detect unusual activity from a user and then respond by blocking them.

Whenever a threat at one port or other vulnerable point is identified, its details are immediately sent to other access points in order to make sure the attacker is repelled.

Juniper claimed its "Active Defence" system not only worked by fending off attacks, but by identifying threats and stopping them.

Davidsson added: "Active Defence allows you to identify the bad guys before they attack. If you know who the bad guys are, and where they are coming from, you can make life difficult for your attackers if they try and break your defences.

"Attackers can be identified by a deception point, of which there are thousands. This allows you to identify the characteristics of their device, what fonts they use, what patches they have installed and their IP address, among others. With that you can push a digital fingerprint to the cloud and share the details with partners and other vendors to ensure that more organisations do not face the same threat."

According to a Juniper survey of 4,771 IT execs worldwide, 60 per cent said their systems had been attacked in the past 12 months. But the same percentage of execs were unhappy with their current defence systems, including next-generation firewalls and IP blocking.

"For 40 anti-virus systems, there is only a 5% catch rate," Davidsson continued. "According to William Fallon’s book The Cyber-readiness Reality Check the number of organisations under attack is close to 100%. More than a third of cyber security execs at companies with revenues greater than $100 million are unable to see an attack once it finds its way into the perimeter of their system. It’s like leaving your front door wide open when there is a burglar in the neighbourhood.

"Traditional security methods just aren’t passing the test and companies don’t stand a chance as cyber-crime becomes increasingly sophisticated and more frequent."

Juniper's bosses stepped down on Wednesday in happy circumstances, with the firm's profits and sales both up. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.