Feeds

Been hacked? Don't dial 999: The plods are too dense, sniffs sec bigwig

'The problem is too big for the authorities to handle'

Internet Security Threat Report 2014

Police are powerless to stop super-smart criminals from hacking the world's biggest companies, a top-ranking security bod has warned.

Juniper Networks' security chief said there was simply no longer any point in calling the police when hackers and DDoSers came to call, because the cops can't do anything. He wants to see a world where big firms share information about potential targets and stop them before any damage can be done.

Henrik Davidsson, the firm's EMEA director of security, said: "The problem is too big for the authorities to handle, playing into the hands of the cyber criminals. Additionally there are complications with the global complexity that hacking presents. Who is responsible if a hacker based in Asia attacks a European company? We’ve simply reached a stage where the IT security industry needs to be able to protect itself."

Davidsson made the comments while telling El Reg about Juniper's new "next generation data centre security" system, which now incorporates anti-DDoS defence systems. We visited Juniper's Dutch testing lab, where they show off their latest data centre and networking technology.

Amsterdam is, of course, famous for two things - and neither were on offer at Juniper Networks' Dutch outpost. Instead the big data shifting bods wanted to show off their sexy racks, although not in the way that most visitors to the city would understand.

Money is not discussed in the Juniper Proof of Concept lab, where customers - and the nerdier type of journalist - come to coo over various bits of data centre gubbins. Which is just as well, because with prices stretching into the tens of thousands of euros, this is not a place for the casual shopper.

Juniper told us their new data centre security system offers a four-pronged manner of repelling hackers and DDoS assaults.

The system allows companies to collect the "fingerprints" of individual hackers, by building up a picture of the attacker based on 200 characteristics, including browser settings, time zone and even fonts. This allows for the blocking of individual devices, a more sophisticated form of defence than simple IP blocking.

The newest part of this system is called DDoS Secure, which Juniper claims is capable not only of repelling traditional large-scale DDoS attacks, but also the newer “low and slow” attacks, which use slow, small-scale traffic to bypass security and bring down servers.

DDoS Secure monitors incoming and outgoing traffic, learning which IP addresses and devices can be trusted. It can detect unusual activity from a user and then respond by blocking them.

Whenever a threat at one port or other vulnerable point is identified, its details are immediately sent to other access points in order to make sure the attacker is repelled.

Juniper claimed its "Active Defence" system not only worked by fending off attacks, but by identifying threats and stopping them.

Davidsson added: "Active Defence allows you to identify the bad guys before they attack. If you know who the bad guys are, and where they are coming from, you can make life difficult for your attackers if they try and break your defences.

"Attackers can be identified by a deception point, of which there are thousands. This allows you to identify the characteristics of their device, what fonts they use, what patches they have installed and their IP address, among others. With that you can push a digital fingerprint to the cloud and share the details with partners and other vendors to ensure that more organisations do not face the same threat."

According to a Juniper survey of 4,771 IT execs worldwide, 60 per cent said their systems had been attacked in the past 12 months. But the same percentage of execs were unhappy with their current defence systems, including next-generation firewalls and IP blocking.

"For 40 anti-virus systems, there is only a 5% catch rate," Davidsson continued. "According to William Fallon’s book The Cyber-readiness Reality Check the number of organisations under attack is close to 100%. More than a third of cyber security execs at companies with revenues greater than $100 million are unable to see an attack once it finds its way into the perimeter of their system. It’s like leaving your front door wide open when there is a burglar in the neighbourhood.

"Traditional security methods just aren’t passing the test and companies don’t stand a chance as cyber-crime becomes increasingly sophisticated and more frequent."

Juniper's bosses stepped down on Wednesday in happy circumstances, with the firm's profits and sales both up. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.