
6/4/2015
10:30 AM
Bill Kleyman

How The Hacker Economy Impacts Your Network & The Cloud

To protect data against growing threats, networks must now act as both sensor and enforcer around traffic that passes through users and data centers to the cloud.

There has definitely been a digital disruption within our industry. I recently attended the Cisco Partner Summit in Montreal and heard some big messages around new kinds of ecosystem technologies that are already making an impact on our datacenters. One of the biggest conversation points at the conference was about security and the evolution of the cybercriminal. 

With so much new data being created every second, advanced persistent threats (APTs) and new threat vectors have forced a new way of thinking around user, cloud, and datacenter security. New technologies are becoming available with better security intelligence, predictive and proactive capabilities, and cross-cloud API security integration. These new security platforms are designed to make your networks smarter, your datacenter more secure and your cloud a lot more agile.

According to the 2015 Accenture Technology Vision Report, 81 percent of executives believe that industry boundaries will dramatically blur as platforms reshape these industries into interconnected ecosystems. This means it’s critical for organizations to align with new security trends, better network designs, and the cloud.

Before we dive into the network, datacenter, and cloud conversation, let’s look at how much your information is actually worth in the current hacker economy. According to Cisco, the current market around cybercrime ranges from $450 billion to $1 trillion per year. Further estimates expect this number to increase. How do the bad guys keep making this kind of money? Simple. Hackers, cyber criminals, hacktivists, and nation states have learned to monetize their opportunities:

  • Social Security Number: $1
  • DDoS as a Service: About $7/hour
  • Medical Records: >$50
  • Credit Card Data: $0.25 - $60
  • Bank Account Info: >$1,000 (Depending on the type of account and balance)
  • Mobile Malware: $150
  • Malware Development: $2,500 (commercial malware)
  • Spam: $50 for about 500k emails (depending on number of emails and destination)
  • Custom Exploits: $100k - $300k
  • Facebook Account: $1 for an account with at least 15 friends

Let’s remember something here: these numbers refer to how much hackers can make off of your data. But what does it actually cost a business to experience a data breach or loss of vital information? New findings from Juniper Research suggest that the rapid digitization of consumers' lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019, almost four times the estimated cost of breaches today. Furthermore, the average cost of a data breach will exceed $150 million by 2020, as more business infrastructure gets connected.

Welcome to the hacker economy
There are a lot of bad guys out there and this new digital age is creating new kinds of targets. This is where network, compute, and datacenter security intelligence come into play. Your network must now act as the sensor and the enforcer around all traffic that passes through your datacenter. New kinds of intelligence policies will allow you to integrate security APIs with third-party systems, deploy network-wide sensors, create policy- and context-based data sharing, and allow next-generation firewall technologies to help act as infrastructure enforcers. Ultimately, this creates an end-to-end embedded and dedicated security architecture for the evolving threat matrix.

Let’s examine two specific areas where new kinds of security technologies are impacting both networks and the cloud.

The network
We are far beyond traditional router and switch capabilities. Network sensors, filters, port controls, and advanced policies are all enabling the modern network to be a lot more intelligent. Enterprise network systems allow you to not only segment traffic but also place security monitors on ports and connections spanning your entire ecosystem. If an exploit is detected, or anomalous traffic is found, you can blackhole the traffic, isolate it, and prevent it from doing damage within your environment.

From there, monitoring, auditing, and logging mechanisms give you new kinds of insights into who, or what, was actually trying to get into your environment. The new idea behind a smart and secure network is simple: Your network must now act as both a sensor and an enforcer. You can extend NGFW security policies from the edge and into your network architecture. This goes beyond DLP, IPS, and IDS. You can have an application assigned to a specific port or traffic point within a network. From there, sensors can detect malformed packets, traffic spikes, or strange connection requests and enforce security policies to stop the potential attack.
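The sensor-and-enforcer split described above, as an added sketch that is not from the original article or any vendor product. The port policy, the spike threshold, the flow records, and the function names `sense` and `enforce` are all assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import median

# Hypothetical policy: each application is pinned to one port (constructed values).
APP_PORTS = {"web": 443, "db": 5432}
SPIKE_FACTOR = 5        # assumed threshold: 5x a source's own median rate
SYN, FIN = 0x02, 0x01   # TCP flag bits

# Constructed flow records: (minute, source, dst_port, packets, tcp_flags)
FLOWS = [
    (0, "10.0.1.5", 443, 100, SYN), (1, "10.0.1.5", 443, 110, SYN),
    (2, "10.0.1.5", 443, 90, SYN),  (3, "10.0.1.5", 443, 900, SYN),
    (0, "10.0.2.9", 5432, 40, SYN), (1, "10.0.2.9", 23, 3, SYN),
    (2, "10.0.3.7", 443, 5, SYN | FIN),
]

def sense(flows):
    """Sensor: return {source: set of findings} for the three signals in the text."""
    findings = defaultdict(set)
    history = defaultdict(list)          # per-source packet counts seen so far
    allowed = set(APP_PORTS.values())
    for minute, src, port, packets, flags in sorted(flows):
        if flags & SYN and flags & FIN:  # SYN with FIN is not a valid TCP flag combination
            findings[src].add("malformed_packet")
        if port not in allowed:          # no application is assigned to this port
            findings[src].add("strange_connection")
        past = history[src]
        if len(past) >= 3 and packets > SPIKE_FACTOR * median(past):
            findings[src].add("traffic_spike")
        past.append(packets)
    return dict(findings)

def enforce(findings):
    """Enforcer: map findings to one action per source (blackhole or isolate)."""
    actions = {}
    for src, found in findings.items():
        # Malformed packets or spikes are dropped outright; an off-policy
        # connection is isolated so it can be logged and audited.
        drop = found & {"malformed_packet", "traffic_spike"}
        actions[src] = "blackhole" if drop else "isolate"
    return actions

if __name__ == "__main__":
    for src, action in sorted(enforce(sense(FLOWS)).items()):
        print(src, action)
```

Comparing each source against its own history, rather than a global rate, is what lets the sensor flag a spike from a host that is otherwise talking to an allowed port.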

The cloud
Cloud security has come a really long way. For example, let’s assume that you have proprietary or compliance-bound workloads that you want to host in the cloud. You have very specific security requirements around encryption, security, and monitoring. What are your options? Because the hybrid cloud is becoming one of the most popular cloud platforms, new ways to secure migrant traffic have emerged. Advanced technologies can encrypt data in real-time prior to sending the information into a cloud environment and decrypt only when an authorized user retrieves the data from the cloud.

When it comes to security, compliance, and policy, encryption keys are stored locally and never leave the user’s site. Furthermore, those keys are never shared with the cloud provider. These kinds of solutions allow you to deploy applications into the cloud and completely control the traffic flow. Once inside the data center, a combination of NGFW systems, network intelligence, VM-level security, and monitoring can round off a powerful cloud-to-datacenter security architecture.

One of my final pieces of advice is to focus your approach to IT on how security directly impacts actual business outcomes. Technology and the modern business are tied at the hip. Moving forward, every organization – regardless of the vertical – will become a digital, technology entity. Creating security platforms built around intelligence, direct visibility into data, and proactive alerting will be the only way to isolate threats and create a business environment aligned with an intelligent security framework spanning your network, the datacenter and into the cloud.

Bill Kleyman brings more than 15 years of experience to his role as Executive Vice President of Digital Solutions at Switch. Using the latest innovations, such as AI, machine learning, data center design, DevOps, cloud and advanced technologies, he delivers solutions ...
Comments
QuadStack,
User Rank: Author
6/8/2015 | 12:36:22 PM
Re: Confused over the topic
@JoeK833 - First of all, thank you for reading and a big thank you for taking the time to comment! It really helps get the conversation going! Let's start here - so many of my friends sit on the good side of the cloud and IT security business. They help find holes, secure vast networks, check for new vulnerabilities, and do everything they can do to stay ahead of the bad guys. Which is what this article is about... How the bad guys monetize our data. It's kind of the thesis here - in the very beginning "How do the bad guys keep making this kind of money? Simple. Hackers, cyber criminals, hacktivists, and nation states have learned to monetize their opportunities..." Friends, I'm not trying to ignore the good security professionals out there - and, I'm not suggesting that all hackers are bad guys. The folks I'm talking about here are specifically the malicious users of the Internet looking to cash in on your information. Maybe my next piece will be around all of the amazing people helping create new security protocols to ensure a better cloud.

To your next point - no network architecture or data center is ever 100% safe. The security that we deploy is only as good as the policies, configurations, and best practices that we incorporate around it all. I have to argue that those organizations facilitating the architecture going into the modern cloud and data center environment are very much interested in more intelligent security practices. A breach will cost them customers, reputation, and - in this fast-paced world - potentially their entire business. It's not perfect out there - but it certainly is improving. 

Now, to cloud security; we're seeing that it's certainly evolving and doing so at a very fast pace. We have yet to see ANY major cloud breach within some of the biggest cloud providers. Many of the biggest breaches have all happened with on-premise resources. And yes, I'll take a slightly more positive approach here and show that the way we secure our data centers today is a bit better than "dismal." Cloud providers don't want a legal process... they also really don't want negative public attention. So they'll do whatever they can to secure these multi-tenant environments. I'm not talking about some unrealistic pristine cloud security architecture here. I'm being realistic. The way we have created better network and cloud intelligence allows you to see more of the "bits" which are traveling the wire.

As for any open-source cloud management technology out there - yes, there are still some challenges to overcome. But OpenStack - when deployed properly - is a powerful cloud orchestration and API layer. A good security architecture will work with security to ensure no critical data is ever close to any holes. Joe - you take a very bleak approach to cloud and security in your comments. In working with data centers, cloud providers, and many security professionals - it's clear that big progress has been made around the security of your data. But you're right - it's not perfect. And, there are more breaches potentially happening as we store more data in the cloud and within our own data centers. The only way to work around this is to continue to improve the capabilities of the products in the field - and hope that they're not too "dismal" moving forward. 
QuadStack,
User Rank: Author
6/8/2015 | 12:18:33 PM
Re: Economy
@colocationauthority - You're absolutely right. The economics around various threat vectors and how we now can secure against it all have certainly come a long way. Pretty sure with so many new interconnected devices and new cloud services - security will remain a white hot topic and market impactor.
JoeK833,
User Rank: Apprentice
6/8/2015 | 11:02:33 AM
Confused over the topic.
To begin with, it seems your article implies Hackers are cybercriminals. Are you saying the MIT Hackers, and those of us that code and attempt to identify security vulnerabilities before loss of property or life, are cybercriminals?

Next. "The network". Network security is only as good as your ability to understand the context of the bits traveling the wire, be they to a company or in the cloud. You are assuming that companies which make products have an interest in including new protocols and upgrades to protocols for the purpose of detecting hard. Well, they don't. A good example is the claims that security products support IPv6. When pushed, you will discover some have been claiming support for 8 years, but still have no support.

Finally, your argument about improved cloud security. You are assuming that if your data is outside your organization, the company processing it has better products than you can afford, and more people to watch for problems. If in fact your data is compromised, the only recourse is a slow legal process. You also assume that your workloads cannot be moved outside the initial data center, and can't be moved to a random data center allowing criminals and nation states to obtain your data.

On the Openstack side, many of the projects have large gaping security holes, which have yet to be addressed; therefore, using some of these tools opens even more holes in your defense.

In short, you can believe the number on cost of compromise, but the capabilities of products in the field are dismal.

Joe Klein

colocationauthority,
User Rank: Apprentice
6/4/2015 | 11:20:55 AM
Economy
I believe that you are completely correct in this article. The economy and technology have both come a long long way! colocationauthority.com