Yakking About Hacking

12 October 2016

By: Delia J. Smith

At Dispersive, we eat, breathe and live networking technology. We also talk about it—a lot. What really gets us going are man-in-the-middle attacks. We believe their threat is underestimated, their damage incalculable, and their occurrence much too frequent in today’s hyperconnected world.

Last week, some of us were in the breakroom discussing the SYNful Knock incident. That’s the malware that compromised 199 Cisco routers in 31 countries, including 25 devices in one US ISP’s network. Unfortunately, this incident isn’t a one-off; it’s part of a disturbing trend.

For years, security administrators have focused almost exclusively on servers and networks. Router protection has been less of a priority. This has not gone unnoticed by cybercriminals. Consequently, they now attack routers much more often and enjoy greater success.

That’s the bad news. The good news is a Dispersive™ Virtualized Network (DVN) deters attackers from using compromised routers. We were discussing this special ability while waiting for the microwave when someone asked a simple question that started a loud debate.

Which DVN feature hacks off hackers the most?

Granted, it wasn’t the most eloquently phrased question ever uttered at Dispersive, but we got the picture. Here are the top three choices we came up with, in no particular order.

A DVN makes data interception costlier and more complex.
To intercept any meaningful data—even traffic that transits a compromised router—a hacker must first determine which streams belong to which transmission, then break each encryption key, and finally reassemble the packet streams correctly. The odds of accomplishing all three tasks are astronomical.

A DVN rolls packet streams across ports and protocols.
When deployed on a gateway between an enterprise router and firewall, our software allows packet streams not only to roll across different ports, but also to use different protocols while doing so. As it goes through the firewall, a single stream can start on a port using UDP, then switch to another port using TCP. All the while, corresponding streams in the transmission are doing something else. Since our solution only calls out from the endpoints, we don’t need administrators to poke holes in the firewall for our clients to communicate. Sound complicated? It is.

A DVN creates subnetworks that prevent attacker access.
When placed on a device behind an enterprise router, our software allows the enterprise to implement better access control by segmenting networks. Network devices can be easily grouped into subnetworks inaccessible to anyone outside them. This would prevent a compromised router from exfiltrating data.

And by the way, we don’t just talk to each other about compromised routers, man-in-the-middle attacks and other networking topics. We’d welcome the chance to talk to you about security best practices. Email us at info@dispersivegroup.com or call (844) 403-5852.
