You Can’t Hack What You Can’t See

1 Apr
A different approach to networking leaves potential intruders in the dark.
Traditional networks consist of layers that increase cyber vulnerabilities. A new approach features a single non-Internet protocol layer that does not stand out to hackers.

A new way of configuring networks eliminates security vulnerabilities that date back to the Internet’s origins. Instead of building multilayered protocols that act like flashing lights to alert hackers to their presence, network managers apply a single layer that is virtually invisible to cybermarauders. The result is a nearly hack-proof network that could bolster security for users fed up with phishing scams and countless other problems.

The digital world of the future has arrived, and citizens expect anytime-anywhere, secure access to services and information. Today’s work force also expects modern, innovative digital tools to perform efficiently and effectively. But companies are neither ready for the coming tsunami of data, nor are they properly armored to defend against cyber attacks.

The amount of data created in the past two years alone has eclipsed the amount of data consumed since the beginning of recorded history. Incredibly, this amount is expected to double every few years. There are more than 7 billion people on the planet and nearly 7 billion devices connected to the Internet. In another few years, given the adoption of the Internet of Things (IoT), there could be 20 billion or more devices connected to the Internet.

And these are conservative estimates. Everyone, everywhere will be connected in some fashion, and many people will have their identities on several different devices. Recently, IoT devices have been hacked and used in distributed denial-of-service (DDoS) attacks against corporations. Coupled with the advent of bring your own device (BYOD) policies, this creates a recipe for widespread disaster.

Internet protocol (IP) networks are, by their nature, vulnerable to hacking. Most, if not all, of these networks were put together by stacking protocols to solve different elements in the network. This starts with 802.1x at the lowest layer, which is the IEEE standard for connecting to local area networks (LANs) or wide area networks (WANs). Stacked on top of that is usually the Spanning Tree Protocol, designed to eliminate loops on redundant paths in a network. These loops are deadly to a network.

Other layers are added to generate functionality (see The Rise of the IP Network and Its Vulnerabilities). The result is a network constructed on stacks of protocols, and those stacks are replicated throughout every node in the network. Each node passes traffic to the next node before the user reaches its destination, which could be 50 nodes away.

This M.O. is the legacy of IP networks. They are complex, have a steep learning curve, take a long time to deploy, are difficult to troubleshoot, lack resilience and are expensive. But there is an alternative.

A better way to build a network is based on a single protocol—an IEEE standard labeled 802.1aq, more commonly known as Shortest Path Bridging (SPB), which was designed to replace the Spanning Tree Protocol. SPB’s real value is its hyperflexibility when building, deploying and managing Ethernet networks. Existing networks do not have to be ripped out to accommodate this new protocol. SPB can be added as an overlay, providing all its inherent benefits in a cost-effective manner.

Some very interesting and powerful effects are associated with SPB. Because it uses what is known as a media-access-control-in-media-access-control (MAC-in-MAC) scheme to communicate, it naturally shields any IP addresses in the network from being sniffed or seen by hackers outside of the network. If the IP address cannot be seen, a hacker has no idea that the network is actually there. In this hypersegmentation implementation of 16 million different virtual network services, this makes it almost impossible to hack anything in a meaningful manner. Each network segment only knows which devices belong to it, and there is no way to cross over from one segment to another. For example, if a hacker could access an HVAC segment, he or she could not also access a credit card segment.

As virtual LANs (VLANs) allow for the design of a single network, SPB enables distributed, interconnected, high-performance enterprise networking infrastructure. Based on a proven routing protocol, SPB combines decades of experience with intermediate system to intermediate system (IS-IS) and Ethernet to deliver more power and scalability than any of its predecessors. Using the IEEE’s next-generation VLAN, called an individual service identification (I-SID), SPB supports 16 million unique services, compared with the VLAN limit of 4,000. Once SPB is provisioned at the edge, the network core automatically interconnects like I-SID endpoints to create an attached service that leverages all links and equal cost connections using an enhanced shortest path algorithm.
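A minimal parser for the MAC-in-MAC (IEEE 802.1ah) encapsulation that SPB uses, added here as an illustration and not taken from the article or from any vendor's code. The MAC addresses, B-VID and I-SID values are constructed, and `deliver` is a hypothetical edge check; the customer frame is carried unchanged behind the backbone header, which is the only part core nodes forward on.

```python
import struct

BTAG_TPID = 0x88A8  # backbone VLAN tag (B-TAG)
ITAG_TPID = 0x88E7  # service instance tag (I-TAG)

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def build_pbb(b_da, b_sa, b_vid, i_sid, customer_frame):
    """Wrap a complete customer Ethernet frame in a backbone header."""
    if not 0 <= b_vid < 2**12:
        raise ValueError("B-VID is a 12-bit field")
    if not 0 <= i_sid < 2**24:
        raise ValueError("I-SID is a 24-bit field")
    return (b_da + b_sa + struct.pack("!HH", BTAG_TPID, b_vid)
            + struct.pack("!HI", ITAG_TPID, i_sid) + customer_frame)

def parse_pbb(frame):
    """Return the fields a backbone node forwards on, plus the inner frame."""
    if len(frame) < 22 + 14:
        raise ValueError("too short for backbone header plus customer header")
    b_tpid, b_tci, i_tpid, i_tci = struct.unpack("!HHHI", frame[12:22])
    if b_tpid != BTAG_TPID or i_tpid != ITAG_TPID:
        raise ValueError("not a B-TAG/I-TAG encapsulated frame")
    inner = frame[22:]  # customer frame: encapsulated, not encrypted
    return {"b_da": mac(frame[0:6]), "b_sa": mac(frame[6:12]),
            "b_vid": b_tci & 0x0FFF, "i_sid": i_tci & 0xFFFFFF,
            "c_da": mac(inner[0:6]), "c_sa": mac(inner[6:12]),
            "inner": inner}

def deliver(frame, port_isid):
    """Edge check: hand the inner frame only to a port bound to the same I-SID."""
    fields = parse_pbb(frame)
    return fields["inner"] if fields["i_sid"] == port_isid else None

# Constructed sample: an IPv4 customer frame with placeholder payload bytes.
CUSTOMER = (bytes.fromhex("020000000a01") + bytes.fromhex("020000000a02")
            + struct.pack("!H", 0x0800) + b"\x45" + b"\x00" * 19)
HVAC_ISID, CARD_ISID = 10_001, 16_000_000  # hypothetical service IDs
FRAME = build_pbb(bytes.fromhex("02bb00000001"), bytes.fromhex("02bb00000002"),
                  4051, CARD_ISID, CUSTOMER)

if __name__ == "__main__":
    f = parse_pbb(FRAME)
    print("core forwards on:", f["b_da"], f["b_sa"], f["b_vid"], f["i_sid"])
    print("HVAC port receives:", deliver(FRAME, HVAC_ISID))
    print("card port receives frame:", deliver(FRAME, CARD_ISID) == CUSTOMER)
```

The I-SID of 16,000,000 fits the 24-bit field but would be rejected as a 12-bit VLAN ID, which is the difference between the 16 million services and the 4,000 VLAN limit described above.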

Making Ethernet networks easier to use, SPB preserves the plug-and-play nature that established Ethernet as the de facto protocol at Layer 2, just as IP dominates at Layer 3. And, because improving Ethernet enhances IP management, SPB enables more dynamic deployments that are easier to maintain than attempts that tap other technologies.

Implementing SPB obviates the need for the hop-by-hop implementation of legacy systems. If a user needs to communicate with a device at the network edge—perhaps in another state or country—that other device now is only one hop away from any other device in the network. Also, because an SPB system is an IS-IS or a MAC-in-MAC scheme, everything can be added instantly at the edge of the network.

This accomplishes two major points. First, adding devices at the edge allows almost anyone to add to the network, rather than turning to highly trained technicians alone. In most cases, a device can be scanned to the network via a bar code before its installation, and a profile authorizing that device to the network also can be set up in advance. Then, once the device has been installed, the network instantly recognizes it and allows it to communicate with other network devices. This implementation is tailor-made for IoT and BYOD environments.

Second, if a device is disconnected or unplugged from the network, its profile evaporates, and it cannot reconnect to the network without an administrator reauthorizing it. This way, the network cannot be compromised by unplugging a device and plugging in another for evil purposes.

SPB has emerged as an unhackable network. Over the past three years, U.S. multinational technology company Avaya has used it for quarterly hackathons, and no one has been able to penetrate the network in those 12 attempts. In this regard, it truly is a stealth network implementation. But it also is a network designed to thrive at the edge, where today’s most relevant data is being created and consumed, capable of scaling as data grows while protecting itself from harm. As billions of devices are added to the Internet, experts may want to rethink the underlying protocol and take a long, hard look at switching to SPB.


Machine Learning: A New Weapon in the Hacking Wars?

27 Jul

Is machine learning a tool for harm or a tool for defending in the hacking wars of today?

It feels like the barbarians are continually at the gate. We can’t seem to go more than a week before a new data breach is in the news, impacting potentially millions of individuals. The targets range from companies like Omni Hotels, where a breach exposed the personal and credit card information of up to 50,000 customers, to North Carolina State University, where the personal information of over 38,000 students, including their SSNs, was at risk. As I mentioned in a recent blog, ‘Internet of Things and Big Data – who owns your data?’, we have been storing our personal and credit card information in a variety of systems: credit card companies, banks, online retailers and hotels, to name just a few. The information in those systems is more valuable than gold to hackers. The attacks are constant, creative, and frequently changing.

Preparing to prevent, detect, and respond to this barrage of attacks is a daunting task. This is not meant to be a doom-and-gloom, sky-is-falling discussion. It is just a reality of networked systems. Our challenge as technologists is to help the business understand the risks, the tools, and the processes needed to protect and respond. One of the new tools entering the conversation is machine learning. Let’s take a look at the challenges and how machine learning may be a valuable asset in the battle.

Walking the Tightrope Over a Tank of Hungry Sharks

Protecting a business’s data and systems from the barrage of hack attacks is a daunting challenge. It’s always a delicate balance of cost, risk, and benefit. Additionally, we must balance protecting the data with ensuring that those who need access have it. As many who have read my blogs know, one of my favorite phrases is, “Everything is a tradeoff.” There is no one-size-fits-all solution.

Sadly, we have all seen the situation where many companies operate in reactive mode. When a high-profile breach occurs, it’s all hands on deck. Are we at risk? What are our security and response measures? New plans are drawn up for the situation – everyone feels great and the situation is under control. As the memory of the breach fades, the plans are not revisited. That is, until the next high-profile breach.

Part of the challenge is the rapidly changing, disruptive technology environment we work in. Things are moving at breakneck speed. Connected devices are growing at exponential rates, which introduces potential new risks we may not even be aware of. Keeping up with that rapid pace requires resources, which are also needed to develop new functionality and provide business value to the company. Striking the balance is not easy. Hackers’ resources are focused on one thing, and one thing only: finding the holes in that disruptive environment. Hence, the tightrope and the shark tank.

Entering From Stage Right, Machine Learning

One of the new technologies entering the conversation lately is machine learning. Gartner identified machine learning as one of the top 10 technology trends for 2016. It is definitely a hot topic. The goal of machine learning sounds simple: provide systems with the ability to learn based on the information provided to them. Two key things make the magic happen:

  • Complex algorithms that allow the system to develop its own analytical models based on inputs. Those models are constantly changing based on the information provided.
  • Lots of data to fuel these algorithmic engines and the models they produce. The more data, the more accurate the models developed (i.e. the more the machine learns).

Imagine if you could leverage that capability to help deal with your cyber security risks and challenges: machine learning tools that are constantly receiving information about changes in your systems, access to your systems, other breach attacks, risk points, and security patches. The potential benefits could help make sure you stay on that tightrope.

Machine Learning Is Already in the Cybersecurity Space

While the technology is still in its infancy, vendors have already started leveraging machine learning to aid in the hacking wars.

No Technology Is a Silver Bullet

There is no doubt: machine learning technology has amazing potential in the cyber security space. I welcome it as a powerful addition to my toolbox. That being said, it is not a silver bullet. It is one of many tools in a toolbox. As technologists, it is our responsibility to understand what the underlying business needs are related to security: what data needs protection, and at what level. No technology negates the need for good design and planning, and machine learning in the cyber security space is no different. These are exciting times in the technology space. With the right tools, design, and planning, we can help bring value to the business and provide the level of protection needed in this rapidly changing space.
