“Malware Samples that Included Anti-analysis Tactics Show an Increased Sophistication of Malware developers”

IPv6 transition is round the corner. Most of the large and mid size enterprises across the globe and so in India as well is adopting the same. This for sure opens a Pandora box of complications with security challenges as pointed out by Manish Dalal, VP, APAC, Verisign Naming Services, spoke to us.

Q1. What is the state of Information Security globally according to Verisign? What are the different threats and attack vectors that you come across?

Last year, the Verisign iDefense team has observed more malware samples that included anti-analysis tactics showing an increased sophistication of malware developers who are shifting their legacy goals of spreading quickly, to more of an emphasis on stealth. This is an important observation as this technique makes it harder to detect malware infected systems.

The biggest change we have seen recently, though, is in the size and frequency of Distributed Denial of Service (DDoS) attacks. Aided by growth in malware and increased criminal sophistication, DDoS attacks against online businesses and applications are becoming larger and more frequent, making it extremely difficult for IT organizations to keep pace. While historically motivations for DDoS attacks have varied from financial to political and criminal, the whole world has seen a dramatic increase in the use of DDoS as a form of protest or ‘hactivism,” made increasingly more effective through the use of social networks to organize like-minded individuals. Any site can be targeted, any time, and for any reason, and traditional solutions no longer provide sufficient protection from most DDoS attacks.
In March 2011, Verisign commissioned research to investigate the level of concern IT decision makers have with the growing threat of DDoS attacks in today’s ever evolving cyber landscape and found that 78% of respondents were extremely or very concerned about DDoS attacks and more than two-thirds expect the frequency and strength of DDoS attacks to increase or stay the same over the next two years.

Moreover, nearly two-thirds (63%) of respondents who experienced a DDoS attack in the past year sustained more than one attack and 11% of surveyed businesses were hit six or more times. Based on these results, it is no surprise that of the respondents who lacked DDoS protection, 71% said they plan to implement a solution in the next 12 months. It’s not just the large enterprises and financial institutions concerned with these types of malicious attacks anymore. Our DDoS protection service customer profile extends into all business types and sizes.

Q2. What are the various security challenges in domain name services space? Many across the globe register domain for running malicious and anti-national and terror portal. How can this be regulated, monitored and streamlined?

While we are not in the business of regulating the Internet, there are many security challenges facing the global Internet that Verisign is actively working to address. We recently made a major stride in making the Internet safer by implementing Domain Name System Security Extensions (DNSSEC) in .com in March of this year. DNSSEC helps close a known vulnerability within the DNS that has increasingly become a target for hackers and identity thieves. The deployment of DNSSEC in .com follows our successful 2010 DNSSEC roll-out in .net in December, .edu in August and the collaborative effort between Verisign, ICANN and the U.S. Department of Commerce to sign the DNS root zone in July. However, there is still more work to be done for the effective deployment of DNSSEC across the entire Internet ecosystem requiring collaboration from a variety of stakeholders. Verisign supports and encourages DNSSEC implementation by operating a DNSSEC Interoperability Lab that helps those stakeholders – including solution providers, ISPs, registrars and others – ensure the Internet communications ecosystem is ready for DNSSEC.

Furthermore, the Verisign iDefense team monitors the Internet 24/7 for the types of threats you mentioned to provide the most relevant and actionable cyber intelligence to our customers, stakeholders and law enforcement when appropriate. The Verisign iDefense group is made up of an experienced multinational network of almost 200 security experts who have exclusive access to the most in-depth cyber threat intelligence available. In the event of a breach or security event, our security threat analysts can even act as an extension of an organization’s incident response team, by providing automated analysis of malicious code, in-depth human analysis of malicious code, and forensic capabilities.

Q3. DDoS attacks pose a great threat to companies that conduct business online or have significant investments in their online brand and reputation. What do you offer in this space for enterprises?

As more companies are becoming reliant on their websites to meet revenue goals and provide customer support, implementing DDoS monitoring and mitigation and managed DNS services from specialized experts like Verisign is vital to keep pace with the dynamic nature of attacks and ensure network availability. To fully protect an organization, network administrators need the ability to quickly detect and mitigate attacks in the cloud before they ever reach their networks and that is exactly what the Verisign DDoS protection service does.

Our service offers a unique combination of robust network capacity, proven infrastructure capabilities, and advanced traffic filtering that can detect bad traffic and keep it from ever reaching our customers’ networks, while still filtering through the good traffic so they can continue business as usual. This method of detection and mitigation is the most elegant and cost effective solution out there.

Q4. What is Verisign Managed DNS? How secure is it since it’s a cloud based service?

Verisign Managed DNS is a Domain Name System (DNS) hosting service that helps deliver 100 percent DNS resolution, improving the availability of web-based systems. DNS is essentially like the phone directory of the Internet. It associates easily identifiable domain names with complex IP address numbers allowing visitors to more easily access a website. It is a mission-critical element of Internet infrastructure and any web-based system. When DNS servers aren’t responding, web sites and email become unavailable, resulting in loss of online presence, productivity and revenue.

Verisign Managed DNS uses the same infrastructure and expertise that manage two of the world’s largest top level domains (.com and .net) to provide DNS availability to our customers through a globally distributed, securely managed, cloud-based DNS infrastructure. It allows enterprises to save on capital expenses associated with DNS infrastructure deployment and reduce operational cost and complexity associated with DNS management, while also bringing greater reliability, performance and security through features like support for DNSSEC, IPv6, traffic management and geolocation.

Q5. Tell us more about iDefense Security Intelligence. Is the same offered in India and who are your customers in this space?

Verisign iDefense security intelligence services give information security executives 24/7 access to accurate and actionable cyber intelligence related to vulnerabilities, malicious code, and global threats. With iDefense, organizations have an experienced multinational network of security experts acting as an extension of their teams and exclusive access to the most in-depth cyber threat intelligence available. This translates into a security strategy that consistently delivers substantial cost savings—with proactive insights on true threats, the intelligence to avoid false alarms and revenue protection through improved system and application availability.

While we can’t discuss our customers by name, we can share that our customer base is made up of many of the largest global financial services organizations, ecommerce and technology companies, and government agencies. Increasingly, we are penetrating the mid-and-small business market by bundling elements of our security intelligence with our Managed DNS and DDoS Protection offerings, as well as taking advantage of a reseller model in several markets, including India.

Q6. How does iDefense generate credible insights on the cyber underground and how credible can be the insights?

The iDefense team monitors the Internet 24/7 to provide the most relevant and actionable cyber intelligence to our customers, stakeholders and law enforcement when appropriate. As the registry for the .com and .net domains, Verisign has unique insight into this massive global infrastructure allowing our iDefense experts to quickly detect and assess threats.

Moreover, iDefense has more than 600 security research contributors worldwide, multi-lingual threat collection capabilities in more than 20 languages and ongoing global field operations in suspect countries. Through this extensive multinational network and years of experience in cyber intelligence and security, iDefense provides an average of more than 100 days advanced notification on Zero-day vulnerabilities to customers – more than any other similar service. As a result, we have won many awards and many accolades for the credibility of our intelligence.

Q7. What are the future threats according to Verisign? How can the same be mitigated?

As previously discussed, we see the threat from larger and more advanced DDoS attacks to be a continued trend impacting companies and organizations off all types and sizes. Another threat is the increase in sophistication of malware that has the potential to enable higher rates of cyber fraud and theft. Lastly, while the transition to IPv6, the next version of Internet protocol that will allow for 340 undecillion new IP addresses and enable the continued growth of the Internet, is ultimately positive for the global Internet community, it has a long way to go in terms of methodology and adoption. This uncertainty about the approach to IPv6 implementation has the potential to open up many security issues as network administrators seek to migrate their systems to IPv6.

There are many services available today run by specialists who can assist with DDoS protection and IPv6 implementation to help minimize risks and impacts. Furthermore, the implementation of DNSSEC across the entire Internet will close a known vulnerability within the DNS that has increasingly become a target for hackers and identity thieves. It is critical that companies plan for these transitions now and that the global Internet community works together to ensure that standards are in place for adopting IPv6 and deploying DNSSEC.

husband cheat the unfaithful husband link
symptoms of chlamydia for women blog.gildedvillage.com get tested for stds
i cheated on my boyfriend what do i do blog.itracsigns.com i dreamt my boyfriend cheated on me
girlfriend cheated on me astrobix.com my ex girlfriend cheated on me
best phone spy site email spy app
my abortion story abortion pill miami how late can you have an abortion
free sex stories non-consensual blog.rewardsrunner.com underage lesbian sex stories
walgreens photo coupon printable jstawski.com free prescription drug cards
walgreens prescription coupons read free manufacturer coupons
free coupons printable lanesprojects.com pharmacy prescription discount card
finasteride 1mg click cialis
ciprofloxacin go revia
ciprofloxacin 1000mg sporturfintl.com diprolene
diflucan 200mg link xifaxan 400mg
pfizer viagra coupon blog.brunothalmann.com prescription discount coupon
pfizer viagra coupon viagra coupon card prescription discount coupon
discount coupon for viagra modelosguayaquil.com coupons for viagra 2016
discount coupon for viagra prescription coupon card coupons for viagra 2016
can i take valacyclovir for cold sore canitake.net can i take valacyclovir for cold sore
lisinopril and chlorpheniramine lisinopril and chlorpheniramine lisinopril and chlorpheniramine
cialis dosage as needed cialis dosing compared to viagra
acheter viagra pfizer acheter viagra pfizer acheter viagra pfizer
printable coupons for cialis link cialis coupon
prescription drug coupons is-aber.net coupon prescription
augmentin 1000 augmentin augmentin bis
abilify alkohol abilify wiki abilify wiki
ciproxin gruene-kehl.de ciproxin 500
missed abortion studentsakha.com at home abortion methods
cialis savings and coupons cialis coupons from manufacturer cialis.com coupons
cialis savings and coupons alpinipedrengo.com cialis.com coupons
abortion types arborawning.com abortion shot
prescription transfer coupon myvisajobs.com cialis coupons from lilly
prescription transfer coupon myvisajobs.com cialis coupons from lilly
beloc zok comp beloc mite beloc medikament
feldene ampolla feldene flas feldene ampolla
spontaneous abortion pill pros and cons of abortion abortion price
facts on abortion pill klitvejen.dk for abortion pill
best free pharmacy discount card alpinmontservis.cz pharmacy online coupon
thyrax euthyrox cwblog.centralworld.co.th thyrax dosering
vermox prezzo vermox prezzo vermox tablete cijena
vermox prezzo vermox tablete cijena vermox tablete cijena
viagra generika preisvergleich viagra kaufen apotheke osterreich viagra
abortion pills abortion pill clinics in md how do abortion pill work
discount coupons for cialis printable cialis coupon new prescription coupon
2015 cialis coupon new prescription coupon coupons for cialis printable
cialis discounts coupons ainalfaras.net coupons for cialis 2016
metoprololsuccinat hexal 50 mg mipnet.dk metoprolol succinate
in clinic abortion pill pureheartvision.org price of an abortion pill
vermox mikor hat vermox mikor hat vermox prospect
prescription transfer coupon prescription drug coupons coupons for cialis printable
types of abortion pill types of abortion pill abortion pill is murder
post abortion pill akum.org abortion pill definition
priligy priligy hinta priligy apteekki
metoprololsuccinat bivirkninger metoprololsuccinat hexal 50 mg metoprololtartrat
cialis coupon free destinations.com.pg discount coupons for cialis
cialis coupon free cialis.com coupon discount coupons for cialis
duphaston cijena bez recepta duphaston duphaston 10 mg
voltaren ampul voltaren patch voltaren
top printable coupon sites best online coupon sites coupons and codes
amoxicillin antibiyotik fiyat amoxicillin nedir amoxicillin dermani haqqinda
abortion pill is wrong abortion pill information medication abortion pill
coupons for prescription medications transfer prescription coupon prescription discount coupon
cialis coupons printable cialis discount coupons coupons for cialis
to have an abortion onemoreproductions.se in clinic abortion
side effects low dose naltrexone naltrexone pills ldn medication
vivatrol shot partickcurlingclub.co.uk vivitrol and drinking
revia medicine naltrexone fibromyalgia side effects oral naltrexone
how long does naltrexone work click naltrexone injection side effects
low dose naltrexone canada lasertech.com monthly injection for opiate addiction

Comment

Post your comments

Your email address will not be published. Required fields are marked *

Premier source for thought leadership and latest updates on Cloud Computing to our extensive audience of CIOs and IT Leaders.

Address:J-100, Saurabh Vihar, Badarpur,New Delhi - 110044 (INDIA)

Phone:+91-11-32024924

Email: info (at) itsbsm (dot) com

ShellShock: All You Need to Know About the Bash Bug vulnerability

A new vulnerability has been found that potentially affects most versions of the Linux and Unix operating systems...

Tinba Reloaded… Attacking Banks Around the World

Tinba got its name from its extraordinarily small size – its code is approximately 20 kilobytes in size, a remarkably small number for banking malware...

Big… BadUSB Malware Hack Exploit Ahead

This newly discovered flaw in USBs, dubbed BadUSB, that allows them to become automated hacking tools is the latest challenge for data security professionals...

ShellShock: All You Need to Know About the Bash Bug vulnerability

A new vulnerability has been found that potentially affects most versions of the Linux and Unix operating systems...

Tinba Reloaded… Attacking Banks Around the World

Tinba got its name from its extraordinarily small size – its code is approximately 20 kilobytes in size, a remarkably small number for banking malware...

Big… BadUSB Malware Hack Exploit Ahead

This newly discovered flaw in USBs, dubbed BadUSB, that allows them to become automated hacking tools is the latest challenge for data security professionals...