Cyberthreat on the Internet

The Cyberthreats and Trends Enterprises Should Watch in 2016

Every year, Verisign iDefense Security Intelligence Services produces its Cyberthreats and Trends Report, which provides an overview of the key cybersecurity trends of the previous year and insight into how Verisign believes those trends will evolve. This report is designed to assist in informing cybersecurity and business operations teams of the critical cyberthreats and trends impacting their enterprises, helping them to anticipate key developments and more effectively triage attacks and allocate their limited resources.

(more…)

How to Choose a Cyberthreat Intelligence Provider

Throughout the course of my career I’ve been blessed to work with some of the most talented folks in the security and cyberthreat intelligence (CTI) mission space to create a variety of different capabilities in the public, private and commercial sectors. Before I came to lead the Verisign iDefense Security Intelligence Services team about five years ago, I had to evaluate external cyber-intelligence vendors to complement and expand the enterprise capabilities of my former organization.

(more…)

Verisign’s Perspective on Recent Root Server Attacks

On Nov. 30 and Dec. 1, 2015, some of the Internet’s Domain Name System (DNS) root name servers received large amounts of anomalous traffic. Last week the root server operators published a report on the incident. In the interest of further transparency, I’d like to take this opportunity to share Verisign’s perspective, including how we identify, handle and react, as necessary, to events such as this.

(more…)

Security Intelligence Best Practices for the Financial Industry

Securing a financial organization’s applications, networks and data is more challenging today than ever before. Almost daily, you hear of a breach that exposes customer data, damages or otherwise compromises back-end systems, or simply makes an organization’s online presence unavailable. Regardless of the cause of these breaches—be it a distributed denial of service (DDoS) attack, data theft, information disclosure or something else altogether—the victims almost always incur a significant loss to brand, customer confidence or even revenue itself. Bottom line is, if your business is responsible for keeping people’s money safe, your business can’t afford to fall victim to cyber-attacks.

But how can financial organizations stay ahead of increasingly diverse and effective cyber threats and actors?

(more…)

In Network Security Design, It’s About the Users

One of the longstanding goals of network security design is to be able to prove that a system – any system – is secure.

Designers would like to be able to show that a system, properly implemented and operated, meets its objectives for confidentiality, integrity, availability and other attributes against the variety of threats the system may encounter.

A half century into the computing revolution, this goal remains elusive.

One reason for the shortcoming is theoretical: Computer scientists have made limited progress in proving lower bounds for the difficulty of solving the specific mathematical problems underlying most of today’s cryptography. Although those problems are widely believed to be hard, there’s no assurance that they must be so – and indeed it turns out that some of them may be quite easy to solve given the availability of a full-scale quantum computer.

Another reason is a quite practical one: Even given building blocks that offer a high level of security, designers, as well as implementers, may well put them together in unexpected ways that ultimately undermine the very goals they were supposed to achieve.

(more…)

How DANE Strengthens Security for TLS, S/MIME and Other Applications

The Domain Name System (DNS) offers ways to significantly strengthen the security of Internet applications via a new protocol called the DNS-based Authentication of Named Entities (DANE). One problem it helps to solve is how to easily find keys for end users and systems in a secure and scalable manner. It can also help to address well-known vulnerabilities in the public Certification Authority (CA) model. Applications today need to trust a large number of global CAs. There are no scoping or naming constraints for these CAs – each one can issue certificates for any server or client on the Internet, so the weakest CA can compromise the security of the whole system. As described later in this article, DANE can address this vulnerability.

(more…)

web network

3 Tips for Improving Your Website DNS Performance During the Holidays

With the biggest shopping season just around the corner, it is more important than ever that your website is available and consumers can find it. As companies add eye-catching images, social share buttons and attractive promotions to grab consumers’ attention, they may also inadvertently be slowing down their website.
47% of customers expect a page to load in 2 seconds

For consumers who are increasingly impatient and expect a website to load within two seconds or less, the majority will quickly abandon a slow-loading page along with their shopping cart, resulting in lost revenue. With so many potential problems to slow down your site, the domain name system (DNS) doesn’t have to be one of them.

What is DNS?

DNS is the Internet’s equivalent to a phone book. It maintains a directory of domain names and translates them to their respective Internet Protocol (IP) addresses, enabling the end user to access a desired Web page. Any disruption to the DNS during the holiday season can be disastrous for retailers.

“DNS is the Achilles’ heel of the Web, often forgotten, and its impact on website performance is ignored until it breaks down,” explains Mehdi Daoudi, CEO of Web performance monitoring firm Catchpoint. However, it doesn’t have to be.

(more…)

Verisign DDoS Trends Report: Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

As part of our efforts to support National Cyber Security Awareness Month by sharing the latest cybersecurity research, Verisign just released our Q3 2015 DDoS Trends Report, which represents a unique view into attack trends unfolding online for the previous quarter, including attack statistics and behavioral trends, derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of, and in cooperation with, customers of Verisign DDoS Protection Services and the security research of Verisign iDefense Security Intelligence Services.
The most notable observation is DDoS attack activity increased in Q3 to the highest it has been in any quarter over the last two years. Quarter over quarter, Verisign mitigated 53 percent more attacks in the third quarter this year than in the preceding quarter.

(more…)

Protect Your Privacy: Opt Out of Public DNS Data Collection

We’ve all seen the check boxes. They’re hidden at the bottom of webpages. You can’t ignore them, but sometimes you forget they are there. They offer to send you deals and coupons. Some even offer to connect you with their partners for similar benefits. Do you check the box?

In these situations you are given a choice of how you want your personal information used. These sites provide the option to trade some of your personal information for a future benefit. If you decide to opt in, your personal information will be transferred, traded or sold to others, and in exchange you will receive something in return, i.e., 10 percent off your next purchase, advance notice of upcoming events, a free gift, etc. If you opt out, you will receive nothing. Regardless of the return, you were given a choice; opt in and receive a benefit for the use of your personal information, or opt out and be content that your personal information won’t be sold.

(more…)

To Patch or Not to Patch? 4 Steps to Effective Vulnerability Management with Security Intelligence

At the 2015 Qualys Security Conference (QSC) in Las Vegas, Jayson Jean, director of iDefense Vulnerability Intelligence, and Research Engineer Rohit Mothe, discussed the ways in which Verisign iDefense Security Intelligence Services have provided key context around public and zero-day vulnerabilities, and by association, helped customers make better-informed decisions around threat mitigation. A core concept discussed in their talk is that threat mitigation often starts with recognizing and prioritizing mitigation of software vulnerabilities.

Managing risk can require difficult decisions about what to patch or mitigate now, and what will have to wait. This is due to the fact that most businesses operate under a “resource-constrained” model and don’t have the staff or funds to patch everything immediately. But making these decisions accurately and quickly requires the context that security intelligence provides.

(more…)