Cohort News

LATEST NEWS:

NEWS CATEGORIES:

Understanding the very real nature of the latest cyberthreats

February 27, 2012

Professor John Walker London Chapter ISACA Security Advisory Group and CTO of Secure-Bastion believes the days of external simplex threats have now given way to multi-faceted attack vectors.

And this is before we get into the realm of rogue employees and privileged identity management. And it’s against this backdrop that the fundamental principles of governance, risk and compliance (GRC – the bedrock of ISACA) have returned to the fore.

But what are today’s cyberthreats? From detailed analysis of the current threat landscape, it can be seen that the hybridised nature of today’s security threats centres on hacking, serious and organised crime and the recently-arrived issue of hacktivists.

And let’s not overlook the problem of misplaced data. Add to this the dangers hosted by smart malware code such as Stuxnet and Duqu – and the possibility of a cyberwar as outlined by Foreign Secretary William Hague this year – and you have an idea of the challenges facing government.

Overactive Imagination?
For many years there has also been some debate as to the reality of any form of cyberwar or cyberconflict – which many observers ascribe to an overactive imagination on the part of the industry’s thought leaders and analysts.

Even taking into account recent high-profile system hacks – there have been no examples of a pure cyberwar casualty. While there has never been a cyberwar, let us not forget, neither has there been a nuclear war, but such weapons of mass destruction have nevertheless been used.

During 2010/2011 the US and UK governments announced they were focusing more on cyber defences. In doing so, they indicated that this low-cost method of delivering a potentially devastating payload to the heart of the enemy’s systems was now considered a serious threat.

In addition, the UK government also revealed that, at the end of 2010, various servers has been attacked using the notorious Zeus malware. On this same topic Foreign Secretary Hague informed a Munich security conference that the attack was considered to be part of an international effort to infect systems.

Though malware is still on the rise – the concept that today’s malware is ever more imaginative is weakening and, as a result, the anti-malware developers may be a little closer to developing ahead-of-the-game compliance technologies. This should not allow complacency. The Infosecurity Europe show in the spring of 2011 saw the threat of AETs – advanced evasion threats – becoming reality, but very little media attention was given to the development of more advanced AET threats that the malware bandwagon inevitably evolved.

The risk landscape changed last year largely as a result of hacktivist groups such as Anonymous and its forebears. This is no idle threat – attacks targetted the Royal Navy, the UK government, the NHS and commercial sector organisations and newspapers.

Read full feature here

Cohort unleashes the Empower

February 22, 2012

Vendor: Empower

Cohort Technology has taken the wraps off a raft of partner managed services under its new Empower brand.

The services are additional to those already offered by Cohort including training, consultancy and TAC support.

Initially the Empower branded services include firewall, network access control, encryption and DDos protection.

Grahame Smee, managing director of Cohort, said: “By allowing our reseller partners to use our back end systems, it opens up a huge potential income stream for them.

“Empower means that any partner can offer a pay-as-you-grow to their customers at a time when capital expenditure remains difficult to secure,” he added. “The system is totally flexible in terms of contract, SLA and reporting. The reseller maintains the end user relationship while we provide the expertise and management systems.”

Smee said Cohort will be adding new modules as the servcie develops, with a Certificate Management module already scheduled for next quarter.

Read CRN press release here

Corero Network Security Appoints Value Added Distributor Cohort Technology to Build UK Channel

February 8, 2012

Vendor: Corero

Corero Network Security (CNS: LN), a leading global provider of Distributed Denial of Service (DDoS) Defence Systems (DDS) and Network Intrusion Prevention Systems (IPS), has appointed Cohort Technology Ltd as its UK value added distributor. The appointment forms a key element of the security vendor’s UK channel strategy to build upon its existing base of technically sound resellers to support the strong sales growth of its range of security solutions.

Cohort was selected on the basis of its specialist security focus and expertise and range of IT support services including a 24×7 technical hotline and IP FIX IT range of post-sales managed services to provide customer and resellers with round the clock support. Corero’s sales strategy is one hundred per cent focused on the channel.

André Stewart, President International at Corero comments, “We’ve seen a massive increase in interest over the past year, particularly in our DDoS Defence solutions, as businesses realise that traditional security solutions are inadequate to protect their critical websites from attacks.” Stewart adds, “The high-profile attacks on websites worldwide by financially motivated and ideologically inspired hactivists like Anonymous have prompted businesses and government organisations to examine their security defences and frequently found them lacking. We’re looking to work with Cohort to build a quality channel of resellers to service this fast-growing market opportunity.”

Grahame Smee, Managing Director of Cohort adds, “The Corero product line and proven expertise in DDoS defence fits perfectly into our portfolio of security solutions and value added services. It offers our reseller partners the opportunity to invest in building and supporting a burgeoning market that fulfils a real and present need and offers a chance to retain decent margins. “

Read CRN article here

About Corero Network Security
Corero Network Security (CNS:LN) is an international network security company and the leading provider of Distributed Denial of Service (DDoS) defence and Intrusion Prevention System (IPS) solutions. Corero’s products and services provide comprehensive, integrated, high-performance protection against constantly evolving network-borne cyber threats. Customers include enterprises, service providers and government organizations worldwide. Corero’s appliance-based solutions are highly adaptive and preemptively respond to modern cyber attacks, known and unknown, protecting critical information and online assets. Corero’s products are transparent on the network, highly scalable, and feature the lowest latency, and highest reliability in the industry. Corero is headquartered in Hudson, Mass., with offices around the world.

Concern over security breaches driving change in authentication market

February 6, 2012

Data protection company SafeNet, Inc. has announced the results of a new 2011 State of the Channel Authentication survey, in which more than 100 IT security resellers revealed that recent security breaches and deployment of new technologies are driving organisations to re-evaluate incumbent authentication vendors and re-think their authentication strategies.

“Recent highly-targeted security attacks have dramatically impacted enterprise and government organisations. The breadth and sophistication of these attacks is prompting organisations to review their authentication strategies and solutions— some for the first time in years,” said John Marler, Chief Technology Officer at SOS Security. “Now, more than ever, our customers are searching for highly flexible authentication solutions that provide security and control, and the ability to scale and adapt as an organisation’s requirements evolve.”

The end of year survey of more than 100 IT security resellers found the following customer behaviours:

Three out of four resellers report that customers are “more” or “much more” concerned about security breaches now than they were a year ago.
More than seven out of ten resellers are actively discussing with their customers the authentication and protection of their data in the cloud and/or virtual environments.
Authentication for mobile devices, certificate-based authentication, software authentication, and secure browser authentication solutions top the list when it comes to customer interest in new authentication technologies.
More than 45 per cent of responders indicate that customers have expressed interest in these evolving solutions.
Sixty-seven per cent of resellers are exploring new authentication options and vendors when renewing contracts to meet evolving requirements.
More than 50 per cent of resellers surveyed are either currently searching or are likely to search for new authentication vendors with which to partner

Read full article here

Hackers stole data from VeriSign

February 3, 2012

Attackers repeatedly hacked VeriSign’s network and stole information in 2010, the company revealed in a quarterly regulatory filing.

The Internet infrastructure provider did not disclose what information was stolen or other details of the attacks in its 10-Q report filed in October with the U.S. Securities and Exchange Commission that was reported on by Reuters today.

“In 2010, the Company faced several successful attacks against its corporate network in which access was gained to information on a small portion of our computers and servers,” the company wrote. “Information stored on the compromised corporate systems was exfiltrated.”

The company said it did not believe attackers had breached the servers that run the domain name system (DNS) network, a key piece of infrastructure that directs people to the correct site when they type in a Web address. A compromise of the DNS system could allow attackers to redirect Web surfers to malicious sites or to intercept government or important e-mail communications.

The disclosure was in the “Risk factors” section of the filing, under a heading titled: “We experienced security breaches in the corporate network in 2010 which were not sufficiently reported to Management.”

VeriSign’s information security group was aware of the attacks shortly after they occurred, sometime in 2010, the filing said. Meanwhile, management was not informed until September 2011.

“Given the nature of such attacks, we cannot assure that our remedial actions will be sufficient to thwart future attacks or prevent the future loss of information,” the filing said. “In addition, although the Company is unaware of any situation in which possibly exfiltrated information has been used, we are unable to assure that such information was not or could not be used in the future.”

Meanwhile, Symantec, which bought VeriSign’s certificate business in summer 2010, said those products and services were not affected. “Symantec takes the security and proper functionality of its solutions very seriously,” Symantec spokeswoman Nicole Kenyon said. “The Trust Services (SSL), User Authentication (VIP, PKI, FDS) and other production systems acquired by Symantec were not compromised by the corporate network security breach mentioned in the VeriSign, Inc. quarterly filing.”

Asked for comment, VeriSign provided CNET this statement: “We cannot provide any further information than what is included in the 10-Q document Verisign filed on October 28, 2011.”

Reuters discovered the VeriSign disclosure during an examination of more than 2,000 corporate documents that were filed since the SEC published new guidelines for reporting security breaches.

The disclosure is reminiscent of a public announcement RSA made last year of a “sophisticated” targeted cyberattack that led to data theft that put millions of customers of its SecurID authentication tokens at risk. There also were breaches at other certificate authorities, including GlobalSign, DigiNotar, and Comodo reported last year. And in 2010, Google went public with news that it had been the victim of a targeted attack, likely from China.

Read full article here

« Previous Page Next Page »