Cisco Blogs


Cisco Blog > Security

Effective Global Threat Intelligence Doesn’t Just Happen

The concept of crowd sourcing cyber intelligence may sound like an unstructured process, but there’s more to it than that. First, you need to remember that all crowds consist of collections of individuals contributing to the community knowledge base. Second, someone has to take responsibility for gathering data from the crowd, analyzing it, and refining it into actionable information that crowd members can apply to their unique situations.

One of the main reasons I’m excited about my job is that I work for an organization with unique qualifications to lead the movement to collective, crowd-sourced cyber security. Cisco has customers all over the globe that have agreed to share threat intelligence data with us for analysis and redistribution back to the community. This process evolved as a byproduct of our main line network products, solutions, and services business. It also hasn’t escaped our notice that these efforts not only deliver huge benefits to our current customers, but also carry with them a truly compelling business value proposition. I really shouldn’t say more, but do it any way in a video blog post you can access here.

Tags: ,

Massive Spam and Malware Campaign Following the Boston Tragedy

Summary

On April 16th at 11:00pm GMT, the first of two botnets began a massive spam campaign to take advantage of the recent Boston tragedy. The spam messages claim to contain news concerning the Boston Marathon bombing. The spam messages contain a link to a site that claims to have videos of explosions from the attack. Simultaneously, links to these sites were posted as comments to various blogs.

The link directs users to a webpage that includes iframes that load content from several YouTube videos plus content from an attacker-controlled site. Reports indicate the attacker-controlled sites host malicious .jar files that can compromise vulnerable machines.

On April 17th, a second botnet began using a similar spam campaign. Instead of simply providing a link, the spam messages contained graphical HTML content claiming to be breaking news alerts from CNN.

Cisco Intrusion Prevention System devices, Cloud Web Security, Email Security Appliances, and Web Security Appliances have blocked this campaign from the start.

Read More »

Tags: , , , ,

Virtually There! Cisco Announces Availability of Virtual Web Security Appliance

I’m sure this has never happened to you.

You choose a web security appliance based on user count and expected traffic profiles. Then marketing rolls out a successful video campaign that goes viral and your users complain about slow internet performance.

You’re under the gun to complete your global web security initiative on time and then you receive word that three servers are stuck in customs in a country you have never heard of.

You’re moving more and more workloads onto virtual servers to match your business agility objectives when someone from the c-suite asks, “Why do you still have these security appliances? Can’t you virtualize them, too?” Read More »

Tags: , ,

Accelerating Real World Cybersecurity Solutions Through Private-Public Partnerships

I had the pleasure of attending the inaugural signing of National Cybersecurity Excellence Partnership agreements yesterday. Key stakeholders in attendance included National Security Agency Director, General Keith Alexander, Senator Barbara Mikulski, Dr. Pat Gallagher of the National Institute of Standards and Technology (NIST), Maryland Governor Martin O’Malley, and several members of the Cisco team.

Established in 2012 through a partnership between NIST, the State of Maryland, and Montgomery County, the National Cybersecurity Center of Excellence (NCCoE) was conceived to advance innovation through the rapid identification, integration, and adoption of practical cybersecurity solutions. NCCoE collaborates with industry leaders through its National Cybersecurity Excellence Partnership (NCEP) initiative to develop real-world cybersecurity capabilities.

As a NCEP member and key collaborator, Cisco is dedicated to furthering the mission of securing cyberspace for all. As part of this ongoing commitment, Cisco has launched the Threat Response, Intelligence and Development organization, focusing key resources around cyber security, threat mitigation and network defense for our customers. Read a blog from our CSO John Stewart about this new organization and its charter here. Read More »

Tags: , , , ,

Embracing Security Related User Groups

Security is a tough nut that can’t be cracked by one alone—neither technology nor research, neither corporations nor start-ups, and neither products nor processes. None of these alone can crack the security nut. The most important part of the problem and solution is people! Nothing beats the efforts of few passionate people collaborating for a cause.

Never doubt that a small group of thoughtful, committed, citizens can change the world. Indeed, it is the only thing that ever has.”― Margaret Mead

Users groups began appearing in the mainframe days as a way to share hard earned knowledge and began to proliferate with the microcomputer revolution of the 1970’s and 1980’s. During this time, hobbyists sought to help each other with their homespun wisdom on programming-, configuration-, hardware- and software-related issues. Prior to the penetration of the Internet, these groups gladly provided free technical support and helped users discover the personal computer and aided in the adoption of the PC in a major way.

The emergence and participation of the general public in the use of the Internet and coincidental rise of operating systems like GNU/Linux as well as the open source movement was further intensified by user groups. Such groups found a new place online to discuss these tools via mailing lists, bulletin boards and more. Once run only by researchers and computer geeks, hardware and software was being made popular among the general public through user groups. Read More »

Tags: ,