Over the past months, the BBC, the New York Times, and other major news and commercial websites became victims of Malvertising attacks. DOROS HADJIZENONOS, Country Manager of Check Point South Africa explains.
One of the most prominent ways malware spreads is by infecting websites and delivering drive-by attacks. When a user visits an infected site an exploit kit is activated. Once activated, the kit checks to see if the machine is vulnerable to one or more of the exploits it contains. If so, it leverages the vulnerability to install malicious software on the user’s device. Since this is a common threat, most websites harden their systems to protect themselves and their visitors from infection.
However, hackers can avoid the need to infect a well-guarded website by infecting the servers that supply advertisements to them instead. This form of attack is called Malvertising and is extremely effective for attackers who wish to reach a broad audience with their malware. The more popular the website, the larger the impact will be.
A Growing Trend
Malvertising is not a new form of an attack, but it has become headline news after several recent occurrences. At the beginning of March, a large Malvertising campaign targeting Baidu’s advertising platform was revealed. Despite having started in October 2015, this campaign’s evasive and elaborate nature enabled it to remain undercover and impact countless users in China for over four months. Two weeks later, several major news sites, including the BBC and New York Times, were hit with a Malvertising campaign. Visitors to these sites were targeted by a ransomware variant, similar to the infamous Cryptolocker attack, served by the Angler exploit kit. The attackers did not stop after the campaign was finally exposed.
They simply changed tactics to target videos as their Malvertising platform, instead of infecting users as they previously had through web banners. The campaign continued successfully targeting the Fox News website, among others.
Another recent Malvertising campaign targeted Australian users with an even more complex attack flow. First, they infiltrated a law firm’s website. Then they created fake advertisements containing the firm’s logo and published them on the Gumtree website, a subsidiary of eBay, which receives 48 million visitors a month. The attackers were able to stay hidden by altering the supplied ads, switching between benign and malicious ones, making it harder for security vendors to identify them.
It is interesting to notice that hackers often attack suppliers who work with the main websites, rather than attacking the sites themselves. Often times, leveraging an attack through a supplier proves an easier path to success than a direct attack on the intended victim. We have seen this pattern with several Malvertising attacks. The same approach was used in the infamous Target hack, in which the attackers infiltrated Target’s network by compromising the network of Target’s suppliers first.
For this reason, we believe that the Malvertising trend will continue to impact major sites and users worldwide. In order to mitigate it, Ad servers must enhance their security measures and ensure the content they supply is legitimate.
How Can You Protect Your Organisation?
What we have learned from recent Malvertising attacks is that education and awareness about these threats are not enough to stay protected. Even the standard security measures that already exist in most organisations are only capable of preventing known threats and are not capable of countering the advanced, continuously evolving tactics of today’s cybercriminals.
Organisations that wish to stay fully protected must elevate their threat prevention strategies and protect themselves, not only from known threats, but also against unknown malware and zero-day threats, like Malvertising. To address this challenge, Check Point offers SandBlast Zero-Day Protection; the most advanced solution to protect against these new and unknown malware and advanced threats.
Cisco unveils ‘Internet for the future’ silicon breakthrough
Cisco One is a new silicon architecture that can be used in any form factor, while Cisco 8000 will reduce cost of building and operating mass scale networks
Cisco today unveiled a series of innovations it says will underpin “the Internet for the Future”. It launched Cisco Silicon One, a new networking silicon architecture, and the Cisco 8000 Series, the world’s most powerful carrier class routers built on the new silicon.
Chuck Robbins, chairman and CEO of Cisco, said its technology strategy was to build a new internet designed to push digital innovation beyond the performance, economic and power consumption limitations of current infrastructure. It would be a multi-year approach that will define the Internet for decades to come.
“Innovation requires focused investment, the right team and a culture that values imagination,” said Robbins. “We are dedicated to transforming the industry to build a new internet for the 5G era. Our latest solutions in silicon, optics and software represent the continued innovation we’re driving that helps our customers stay ahead of the curve and create new, ground-breaking experiences for their customers and end users for decades to come.”
Cisco said in its announcement: “Over the next decade, digital experiences will be created with advanced technologies — virtual and augmented reality, 16K streaming, AI, 5G, 10G, quantum computing, adaptive and predictive cybersecurity, intelligent IOT, and others not yet invented. These future generations of applications will drive complexity beyond the capabilities current internet infrastructure can viably support.
“For the past five years, Cisco has driven a technology strategy that is building the internet our customers will need for the future success of their business in an advanced digital world. Aimed at solving the toughest problems that will emerge as digital transformation taxes current infrastructure to its breaking point, this strategy will lead to the next-generation of internet infrastructure that combines Cisco’s new silicon architecture with its next-generation of optics.
“Cisco’s strategy will change the economics behind how the internet will be built to support the demands of future, digital applications and will enable customers to operate their businesses with simpler, more cost-effective networks.”
Cisco says its strategy is based on development and investments in three key technology areas: silicon, optics and software.
David Goeckeler, executive vice president and general manager of the Networking and Security Business at Cisco, elaborated: “Pushing the boundaries of innovation to the next level — far beyond what we experience today — is critical for the future and we believe silicon, optics and software are the technology levers that will deliver this outcome.
“Cisco’s technology strategy is not about the next-generation of a single product area. We have spent the past several years investing in whole categories of independent technologies that we believe will converge in the future — and ultimately will allow us to solve the hardest problems on the verge of eroding the advancement of digital innovation. This strategy is delivering the most ambitious development project the company has ever achieved.”
Visit the next page to read about the dramatic performance improvements in the new products.
Building the Internet for the Future begins now
By JONATHAN DAVIDSON, SVP and general manager of Cisco’s Service Provider Business
“We do not remember days; we remember moments.” Those words from Cesare Pavese have been one of my personal favorites. Interestingly, we remember thesesignificant, or “flashbulb” moments in our lives in vivid detail. We rememberexactly where we were, whom we were with, what we felt, or even what we werewearing. One of my flashbulb moments was 20 years ago in 1999 when Brandi Chastain made the winning penalty shot during the Women’s World Cup inspectacular fashion. At the time, I was coaching my oldest daughter’s soccer team.That victory felt like the start of something big. It had this wonderful feeling thatwomen’s soccer was going to change for the next generation.
I believe we are having one of those “flashbulb” moments right now in the networking industry. Years from now, we will look back and remember this moment in time. Because today, Cisco revealed breakthrough innovations sosignificant and expansive, they will change the economics of the Internet forthe next generation.
Significant technological innovations have defined human history. The steamengine replaced muscle with machinery. With the telegraph, communications exceeded the speed of animals. And, with the Internet, information wasdigitized, and global communities were created.
IP infrastructure connects our world. The Internet has profoundly changed the waywe work, live, play, and learn – anything, anywhere, anytime. The results are astounding. Our ability to connect and collaborate has caused society to evolve faster than ever before. We have made more progress in mitigating wars, preventing famine, and curing disease in the last 35 years than in the previous35,000.
Today is the moment when we enter a new phase of the Internet. Technologiessuch as 5G, IoT, 3D printing, and advanced analytics are connecting more, increasing participation, and pushing digitization further. And as a result, industries like mining becomes safer, agriculture becomes more efficient, transportation becomes autonomous, and healthcare becomes wellness-driven, not crises-driven. The possibilities are endless. And service providers will be the catalysts for changing economies, countries, and the world because at the very heart of this next transformation is the network infrastructure that makes it all possible.
The route to success for service providers is not straightforward or simple. There are fundamental business challenges. Networks, which are already huge, must become even more massive. And to succeed, service providers need to transform not only their infrastructure but their operations and their business models as well.
Our current network economics will begin to break as we evolve to operate at massive scale. The physics behind our past achievements are already showing signs of slowing down, while traffic growth continues to accelerate. So far, performance increases have helped to reduce the cost of traffic at about the same rate that traffic has increased. $1 in CapEx today does eleven times the work that it did just a few years ago. However, continuing with the status quo will likely lead to a significant increase in CapEx unless we reinvent the rules.
The cost of operations must be reduced too. Today, many operators spend almost $5 in OpEx for each $1 of CapEx. With current network management technology, that situation is likely to get worse, as the larger a network becomes, the more inefficient it is to operate unless we reinvent the rules.
With innovation from a technology pioneer that spans multiple dimensions across silicon, optics, software, and systems to create entirely new network architectures, this is that “flashbulb moment” when Cisco is redefining the economics of the Internet.
Redefining the economics of the Internet has to begin at the foundation. The very “DNA” of the Internet itself. The engine to a car. Silicon.
Moore’s law is stalling. While the rest of the industry slows down from the physics of traditional approaches, we have unlocked new dimensions of innovation. By rethinking silicon design entirely, we can deliver industry-leading performance today and create a “fast lane” to the future. We are excited to introduce our groundbreaking programmable silicon architecture, Cisco Silicon One. The first member of this new family, Cisco Silicon One Q100, delivers over twice the network capacity and twice the power efficiency over any other silicon. It is the first routing silicon to break through the 10Tbps barrier without compromising carrier-class capabilities (e.g., feature richness, large buffers, advanced programmability). And Cisco Silicon One is available right now; we won’t make you wait for it.
The innovations in Cisco Silicon One bring significant value to lowering operational costs as well. In the past, multiple types of silicon have been used across a network and even within a single device. Feature development was inconsistent. Telemetry varied dramatically.
Operators had to spend too much time and effort coordinating and testing parity of new features across the network. Now, a single silicon architecture can serve different market segments, different functions, and various form factors for a unified experience that dramatically reduces costs of operations and time-to-value for new services.
Optic costs matter. At lower interface speeds, optics were roughly 10% of the total solution cost, and systems accounted for the remaining 90%. At 400G and beyond, that equation flips. Optics become the dominant part of the total spend.This dynamic needs to change, a long-term strategy is required to make it easier to deploy both short-reach and long-haul optics solutions.
Cisco is investing in technologies like silicon photonics to accelerate the adoption of 400G and prepare for the future beyond 400G. Our recent acquisition of Luxtera brings a highly automated wafer-scale manufacturing process to Cisco that improves production volumes and quality.
If silicon is the engine of a car, the software is the steering and suspension to enable phenomenal handling. Even the world’s most advanced silicon can be wasted without the right software to steer correctly and operate smoothly. Imagine the ride at 400 km/h without proper steering and suspension. Any unfortunate bump or turn could be disastrous.
To redefine the economics of operating a network, the Internet of the future needs software that recognizes operations is just as important as functionality. Cisco IOSXR7, the new release of our industry-leading Networking Operating System (NOS), has been overhauled to prioritize operations – with simplicity and automation. It has been simplified to reduce required resources, install procedures, and deployment efforts (e.g. zero-touch).
Most notably, XR7 has been completely modernized. XR7 is the first-of-its-kindcloud-enhanced NOS. XR7 can leverage new cloud-delivered SaaS deployment models from Cisco Crosswork Cloud to enhance operations. Now, operations team scan optionally consume insights and analytics as a service for agile, proactive management without the risks and resources of traditional models.
Now, we get to the “car” itself. With new silicon and new software, we can build new systems that have the performance, efficiency, and operational improvements to meet the next wave of traffic demand. Today, we introduce theCisco 8000 series routers, new systems optimized for high-density 100GbE and400GbE, including:
- 2 fixed platforms – providing 10.8Tb/s of network bandwidth starting at I RU
- 3 modular form-factor platforms – 8 slots, 12 slots and 18 slots delivering upto 115 Tbps, 172 Tbps and 260 Tbps respectively
These are systems designed without compromise and with a very bright future.No oversubscription. Full fabric redundancy. Power efficiency down to as little as4 Watts/Gb. That is 1/4 to 1/5th the amount of power that our nearest competitor uses. And a “clean sheet” design allows us to grow into 1.6 TbE interfaces and beyond.
Wait, there’s more. The most distinctive characteristic of the Cisco 8000 relates to trustworthiness. Networks are critical infrastructure as they connect industries,finance, utilities, and governments and service providers must maintain the integrity of their infrastructure. The chain of trustworthiness begins by knowing whether or not the hardware and software are authentic. The Cisco 8000 Series are equipped with tamper-proof hardware that serves as the root of trust to prevent any modification of the hardware or software. Next, the NOS, XR7, works with Cisco Crosswork Cloud to provide real-time visibility and control to deliver the trustworthy networks that the Internet requires.
To grow to the size and capabilities that the next generation will demand, the Internet requires fundamental changes. We reinvented from the ground up, the DNA, the performance curve, operations, trust, and even the rules. We reinvented what Cisco does best.
And these reinventions will allow us to build the future on new architectures –converged, cloud-enhanced, and trustworthy. We that work in the networking industry will hopefully remember this moment years from now. I hope it is just as vivid a memory as Brandi Chastain’s winning goal 20 years ago.