Been hacked? Don't dial 999: The plods are too dense, sniffs sec bigwig
'The problem is too big for the authorities to handle'
Police are powerless to stop super-smart criminals from hacking the world's biggest companies, a top-ranking security bod has warned.
Juniper Networks' security chief said there was simply no longer any point in calling the police when hackers and DDoSers came to call, because the cops can't do anything. He wants to see a world where big firms share information about potential targets and stop them before any damage can be done.
Henrik Davidsson, the firm's EMEA director of security, said: "The problem is too big for the authorities to handle, playing into the hands of the cyber criminals. Additionally there are complications with the global complexity that hacking presents. Who is responsible if a hacker based in Asia attacks a European company? We’ve simply reached a stage where the IT security industry needs to be able to protect itself."
Davidsson made the comments while telling El Reg about Juniper's new "next generation data centre security" system, which now incorporates anti-DDoS defence systems. We visited Juniper's Dutch testing lab, where they show off their latest data centre and networking technology.
Amsterdam is, of course, famous for two things - and neither were on offer at Juniper Networks' Dutch outpost. Instead the big data shifting bods wanted to show off their sexy racks, although not in the way that most visitors to the city would understand.
Money is not discussed in the Juniper Proof of Concept lab, where customers - and the nerdier type of journalist - come to coo over various bits of data centre gubbins. Which is just as well, because with prices stretching into the tens of thousands of euros, this is not a place for the casual shopper.
Juniper told us their new data centre security system offers a four-pronged manner of repelling hackers and DDoS assaults.
The system allows companies to collect the "fingerprints" of individual hackers, by building up a picture of the attacker based on 200 characteristics, including browser settings, time zone and even fonts. This allows for the blocking of individual devices, a more sophisticated form of defence than simple IP blocking.
The newest part of this system is called DDoS Secure, which Juniper claims is capable not only of repelling traditional large-scale DDoS attacks, but also the newer “low and slow” attacks, which use slow, small-scale traffic to bypass security and bring down servers.
DDoS Secure monitors incoming and outgoing traffic, learning which IP addresses and devices can be trusted. It can detect unusual activity from a user and then respond by blocking them.
Whenever a threat at one port or other vulnerable point is identified, its details are immediately sent to other access points in order to make sure the attacker is repelled.
Juniper claimed its "Active Defence" system not only worked by fending off attacks, but by identifying threats and stopping them.
Davidsson added: "Active Defence allows you to identify the bad guys before they attack. If you know who the bad guys are, and where they are coming from, you can make life difficult for your attackers if they try and break your defences.
"Attackers can be identified by a deception point, of which there are thousands. This allows you to identify the characteristics of their device, what fonts they use, what patches they have installed and their IP address, among others. With that you can push a digital fingerprint to the cloud and share the details with partners and other vendors to ensure that more organisations do not face the same threat."
According to a Juniper survey of 4,771 IT execs worldwide, 60 per cent said their systems had been attacked in the past 12 months. But the same percentage of execs were unhappy with their current defence systems, including next-generation firewalls and IP blocking.
"For 40 anti-virus systems, there is only a 5% catch rate," Davidsson continued. "According to William Fallon’s book The Cyber-readiness Reality Check the number of organisations under attack is close to 100%. More than a third of cyber security execs at companies with revenues greater than $100 million are unable to see an attack once it finds its way into the perimeter of their system. It’s like leaving your front door wide open when there is a burglar in the neighbourhood.
"Traditional security methods just aren’t passing the test and companies don’t stand a chance as cyber-crime becomes increasingly sophisticated and more frequent."
Juniper's bosses stepped down on Wednesday in happy circumstances, with the firm's profits and sales both up. ®