Network security strategy

WH Smith staff data accessed in cyber attack

The retailer has said that customer data has not been affected by the incident as it is held in different systems, and that investigations into the attack are ongoing Continue Reading

3 important SD-WAN security considerations and features

Device onboarding, control plane security and data plane security are three crucial SD-WAN security considerations enterprises should research when choosing an SD-WAN vendor. Continue Reading

Russian spear phishing campaign escalates efforts toward critical UK, US and European targets

Russian hacking group Seaborgium refines its tactics in a continuation of attacks against targets including not-for-profit organisations with geopolitical affiliations Continue Reading

Killnet DDoS attacks disrupt Nato websites

A series of distributed denial of service attacks on various public websites belonging to the Nato alliance were largely repelled but some resources remain unavailable Continue Reading

Extreme extends network fabric to the edge with enhanced SD-WAN

With ever-increasing threat blanket in wide-area network, cloud networking provider announces automated workflows, user experiences and 10Gbps throughput to boost application performance, lower operating cost and reduce mean time to resolution Continue Reading

Russian hacking group Seaborgium targets SNP MP Stewart McDonald

Scottish National Party MP Stewart McDonald says his personal emails have been hacked by a group linked to the Russian state in a targeted phishing attack Continue Reading

APAC buyer’s guide to SASE

In this buyer’s guide on secure access service edge services, we look at the benefits of the technology, key considerations and the market landscape Continue Reading

Cisco fixes two bugs that could have led to supply chain attacks on users

Two vulnerabilities uncovered in Cisco hardware could have opened the door to serious supply chain cyber attacks, according to the Trellix researchers who found them Continue Reading

Russian DDoS hacktivists seen targeting western hospitals

A swathe of attacks by the Putin-supporting DDoS operation known as Killnet has targeted hospitals and other infrastructure in several Nato countries, with the UK thought to be at risk Continue Reading

Uncertainty persists, but enterprises rush to adopt network as a service

Research shows that enterprise network-as-a-service opportunities abound but comms service providers will need to overhaul investment and go-to-market strategies before adoption becomes widespread Continue Reading

How Aruba is tapping opportunities in networking

Aruba is planning to expand its product portfolio, make deeper inroads into datacentres and drive adoption of network as a service, among other efforts to tap opportunities in the networking market Continue Reading

Orange juices JDE expansion with SD-WAN

Telco’s Business Services division selected by global coffee company to secure end-to-end connectivity offerings for more than 120 locations worldwide Continue Reading

Cloudflare urged to clamp down on pirates, counterfeiters

A whitepaper produced by brand protection specialist Corsearch calls on Cloudflare to do more to stop online content piracy and sales of counterfeit goods Continue Reading

Cloudflare completes SASE offer with Magic WAN Connector

Software-defined wide-area network functionality released by online application acceleration and infrastructure provider Cloudflare to complete single-supplier secure access service edge offering Continue Reading

Warning over ransomware attacks spreading via Fortinet kit

Following the disclosure of a critical vulnerability in October 2022, Fortinet VPN devices were exploited in two known ransomware attacks, with access likely sold on the dark web Continue Reading

Top 10 networking stories of 2022

Here are Computer Weekly’s top 10 networking stories of 2022 Continue Reading

Complaints that NCA failed in duty of candour over EncroChat warrants ‘incredible’, court hears

NCA lawyers argue that a decision by an NCA intelligence officer to disclose notes of a key meeting after two-and-a-half years boosts her credibility as a witness Continue Reading

UK unis implement new IP traffic policies to combat ransomware

Jisc will introduce new measures to protect UK universities and research institutions from ransomware attacks that exploit the Remote Desktop Protocol remote-access feature Continue Reading

Cops dismantle 48 DDoS-for-hire websites

An operation combining law enforcement from the UK, US, Netherlands and Europol has disrupted 48 of the world’s most popular DDoS booter websites Continue Reading

How Zscaler is cracking APAC’s cloud security market

Zscaler’s head in Asia-Pacific and Japan talks up the company’s growth momentum in the region and what it is doing to address areas where it can do better Continue Reading

Industrial IoT focus of next NCSC startup challenge

The NCSC for Startups programme is looking for innovative ideas to encrypt and secure the industrial internet of things Continue Reading

Wireless security: WEP, WPA, WPA2 and WPA3 differences

As wireless networks have evolved, so have the protocols for securing them. Get an overview of WLAN security standards, and learn the differences among WEP, WPA, WPA2 and WPA3. Continue Reading

CityFibre identifies massive economic gains for Cheltenham, Portsmouth areas through full fibre

Leading independent gigabit broadband provider reveals positive economic and productivity impacts in Gloucestershire and south-coast cities where it has introduced full fibre, running to £145m and £335m respectively Continue Reading

Enterprises embrace SD-WAN but miss benefits of integrated approach to security

Research from managed network and security services provider finds virtually all enterprises have deployed software-defined wide area networks or plan to do so within the next 24 months, but nearly half reported they either don’t have security integrated with SD-WAN or have no specific SD-WAN security at all Continue Reading

Global network fragmentation a source of increasing risk

Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures Continue Reading

Cloud, security and automation alter networking roles

Networking pros are no longer in their own bubbles, even if they prefer it that way. The growth of cloud, security and automation is expanding traditional networking roles. Continue Reading

US authorities charge two Chinese spies over telco security probe

Two Chinese nationals have been charged with attempting to obstruct the criminal prosecution of a prominent Chinese telecoms firm Continue Reading

The Security Interviews: Why now for ZTNA 2.0?

With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network access Continue Reading

How to build a zero-trust network in 4 steps

While network teams are responsible for deploying the elements of a zero-trust network, security teams should also be involved in developing the overall zero-trust framework. Continue Reading

A gold medal performance for networking

In this week’s Computer Weekly, we find out how the IT team behind the 2022 Commonwealth Games in Birmingham delivered a winning performance. We also look at how the centuries-old London insurance market is going digital, thanks to Lloyd’s of London. And we find out how low-cost high street stores succumbed to the inevitable and are going online. Read the issue now. Continue Reading

CW APAC: Trend Watch: Cloud networking

Organisations are waking up to the importance of utilising updated cloud services. In this handbook, focused on cloud networking in the Asia-Pacific region, Computer Weekly looks at the technology’s advantages, how Cloudflare keeps its customers protected, Tata’s efforts to strengthen its offerings, and how networking and security might evolve in the future. Continue Reading

CISOs should spend on critical apps, cloud, zero-trust, in 2023

Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading

UK government presses on with new cyber rules for telcos

Government has finalised new security rules for telecoms companies and will move to make them binding in the near future Continue Reading

Amazon Ring vulnerability could have been used to spy on users

A now-patched vulnerability in the Amazon Ring mobile app could have been exploited to expose users’ video recordings, but was complex to exploit, according to the researchers who stumbled upon it Continue Reading

Ukraine war drives DDoS attack volumes ever higher

There has been a boom in distributed denial-of-service attacks in the first six months of 2022, according to a report, with Russia’s war on Ukraine helping to drive activity Continue Reading

Researcher finds 10 vulnerabilities in Cisco firewalls

At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches Continue Reading

Cisco averts cyber disaster after successful phishing attack

A potentially serious cyber attack on Cisco’s systems that began after a threat actor successfully exploited an employee’s carelessly secured credentials was thwarted without major damage Continue Reading

Seacom teams up with BT to deliver enterprise communications services across Africa

Deal with leading UK telco intended for customers of Africa’s first broadband submarine cable system to benefit from what is claimed to be world-class portfolio of network services Continue Reading

APAC organisations warm to cloud networking

Organisations in Asia-Pacific are getting up to speed with cloud networking services, even as they grapple with the challenges of managing a hybrid cloud environment Continue Reading

Reliance on PSN may have exacerbated cyber attack impact

As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks Continue Reading

GSMA warns of potential 5G benefits loss through lack of 6GHz wireless band allocation

Trade body for the global mobile industry publishes industry ecosystem review and rails further against plans to offer the full 6GHz band to unlicensed use, warning a significant portion of the expected benefits of mid-band 5G could be lost if no additional mid-band spectrum is assigned to mobile services in the near future Continue Reading

Shift to remote work sees major rise in cyber crime

Survey finds almost four in five cyber security teams agree that recent changes to working practices have adversely affected their organisation’s cyber security, with one-fifth banning the use of public Wi-Fi by policy Continue Reading

DrayTek patches SOHO router bug that left thousands exposed

Network hardware supplier has fixed an unauthenticated RCE vulnerability in multiple routers in its Vigor line, after being alerted by Trellix researchers Continue Reading

Cato aims to bust cyber myths as it extends network protections

Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network – to explode some cyber myths Continue Reading

Vodafone, Virgin Media O2 commit to mobile access across London Underground

Global communications infrastructure provider announces that all four major mobile networks have now committed to high-speed 4G and 5G-ready mobile connectivity across the Tube network Continue Reading

Netskope focuses on network transformation with ‘elite’ advisory group

Network technologies provider announces formation of Network Visionaries group featuring former AWS, Crowdstrike execs to offer cloud, hyperscale, security and networking expertise Continue Reading

Cato Networks opens Copenhagen point of presence

Cato opens PoP in Danish capital to bolster resiliency and extend converged security and networking capabilities across Nordic region Continue Reading

Colt Technology Services gets SASE with enhanced enterprise network

Customers of enterprise network provider now have access to an integrated service that brings together the software-defined wide area network Continue Reading

A1 Telekom Austria offers VMware SD-WAN

Covering Seven Sites in the CEE Area, leading telco teams with IT services provider to offer a new range managed software-defined wide area network services Continue Reading

Ukraine cyber agency enlists Radware to protect government networks

Ukraine’s State Service of Special Communications and Information Protection is using Radware cloud DDoS protection and web application firewall services to protect the government from persistent Russian attacks Continue Reading

How TDCX is building a people-centric business

Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez Continue Reading

China using top consumer routers to hack Western comms networks

An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks Continue Reading

How zero trust unifies network virtualization

The combination of zero trust and network virtualization creates opportunities to strengthen security policies, increase cross-domain collaboration and improve overall visibility. Continue Reading

Singapore doubles down on quantum technology

The city-state is shoring up its quantum talent and quantum device manufacturing capabilities in a bid to advance its knowhow in the emerging technology Continue Reading

Mobile digital transformation – from fast to deep

The first half of 2022 has been a busy time, with much happening in the mobile industry. We consider what the rest of year might hold Continue Reading

Greggs bakes SD-WAN into shops of the future

Food retailer deploys software-defined wide area network to drive the increased use of in-shop devices and ensure consistent, high-quality bandwidth to fulfil growing demand Continue Reading

Cato Networks beefs up SASE offer with Marseilles point of presence

Point of presence in South of France port city joins SASE provider’s global private network of more than 70 PoPs worldwide, extending converged security and networking to the region while expanding in-country resiliency across key territory Continue Reading

CyberUK 22: Data-sharing service to protect public from scams

A new data-sharing service set up by the NCSC and industry partners will give ISPs access to real-time threat data that they can use to block fraudulent websites Continue Reading

NCSC pins Viasat cyber attack on Russia

UK authorities have attributed the 24 February cyber attack on the network of satellite comms company Viasat to Russia Continue Reading

Security Think Tank: Identify, assess and monitor to understand attack paths

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading

Security Think Tank: Defenders must get out ahead of complexity

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to better understand these attack pathways to fight back Continue Reading

Five TLS comms vulnerabilities hit Aruba, Avaya switching kit

Five new vulnerabilities in the implementation of transport layer security communications leave several popular switches vulnerable to remote code execution Continue Reading

Security Think Tank: Solving for complexity in the network

The modern-day abundance of IT platforms, apps and tools gives the bad guys ample opportunity to move rapidly through the network to hit critical assets. Security teams must understand these attack pathways better in order to fight back Continue Reading

Attackers enlist cloud providers in large HTTPS DDoS hit

A recent large-scale DDoS incident shows how cyber criminals are switching up their tactics to conduct more sophisticated attacks Continue Reading

Orange Business Services delivers global SD-WAN to Siemens

Digital services company and global enterprise division of the global telco teams with leading German technology firm to complete what is said to be one of the largest software-defined wide area network deployments in the world, covering 1,168 worldwide locations across 94 countries Continue Reading

SoftBank invests in Aryaka for international SD-WAN service, SD-core

With the objective of shoring up its international networking service, enabling a flexible and highly secure network that meets overseas customer needs, Japanese multinational upgrades software-defined wide area network and core Continue Reading

BT, Toshiba team on first commercial trial of quantum secured network with EY

Revolutionary computer infrastructure to be used in trial of management consultancy’s aim to connect quantum secure data transmission between its major London offices Continue Reading

US mobile network emerges as latest Lapsus$ victim

Lapsus$ extortion gang hit T-Mobile and attempted to perform SIM-swapping attacks and code theft Continue Reading

Zoom adds new round of cyber security enhancements

Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements Continue Reading

NSO Group faces court action after Pegasus spyware used against targets in UK

Three human rights activists whose phones were targeted by spyware traced to Saudi Arabia and the United Arab Emirates have begun legal action against both countries and Israel’s NSO Group Technologies Continue Reading

Hammers sign Acronis as backup and security in one

West Ham United set to replace separate backup from Veeam and a variety of security products with Acronis Cyber Protect to have backup, data protection and file share on a single platform Continue Reading

Zhadnost DDoS botnet deployed against Finland

A coordinated DDoS attack hit two government ministries in Finland at the same time as Ukrainian president Volodymyr Zelensky delivered a virtual address to the Finnish parliament Continue Reading

WatchGuard firewall users urged to patch Cyclops Blink vulnerability

The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities Continue Reading

Aryaka addresses accelerating European customer demand with Paris services PoP

As European businesses are hit by supply chain issues, telcos issues and a disrupted workforce, SD-WAN and SASE provider Aryaka claims to guarantee network and application performance through new Paris service point of presence Continue Reading

US shuts down Russia’s Cyclops Blink botnet operation

Operation by US authorities has taken the Russia-attributed Cyclops Blink botnet ‘off the board’ Continue Reading

Nasstar appointed to run new secure network on behalf of UK MoD

New SD-WAN developed for facilities management services provider as it works with Ministry of Defence to support applications ensuring secure connection to public and private cloud Continue Reading

The pros and cons of Netskope SASE

Netskope is undoubtedly a leader in the CASB market, but its limited security capabilities and lack of SD-WAN make Netskope an incomplete SASE offering. Continue Reading

SecOps and cybersecurity basics for NetOps teams

To bridge the gap between NetOps and SecOps teams, network pros should know security fundamentals, including different types of attackers, attacks and available security services. Continue Reading

Windstream claims North America’s ‘first and only comprehensive’ managed SASE

Managed communications service provider sees new bundle enabling convergence of networking and security as addressing modern-day challenges of digital business transformation, cyber security and workforce mobility Continue Reading

Two men convicted after using EncroChat cryptophones to plot killing

Evidence from the encrypted phone network EncroChat led to the conviction of two men for conspiracy to murder Continue Reading

Orange Business Services and Fortinet seal SASE partnership

Business services division of telco inks partnership with cyber security firm to gain differentiation for secure access service edge solution based on cloud-native technologies and using a dedicated global IP backbone to deliver expanded on-demand services Continue Reading

Nato Cyber Security unit tests post-quantum VPN

Nato’s Cyber Security Centre has successfully tested secure communication flows in a post-quantum world using a UK-designed VPN Continue Reading

DCMS opens consultation on telecoms cyber standards

Proposed rules will set out the specific measures telecoms providers need to take to fulfil their legal duties under the Telecommunications Security Act Continue Reading

Cloudflare: Our network is our product

Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats Continue Reading

A review of Zscaler SASE architecture

Zscaler has a strong cloud-native architecture for secure internet access. But it doesn't deliver SD-WAN or converge internet access and WAN security, leaving it with only part of a SASE platform. Continue Reading

Russia behind dangerous Cyclops Blink malware

Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk Continue Reading

Zoom gains NCSC Cyber Essentials Plus and NHS security badges

Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats Continue Reading

UK joins US in pinning Ukraine DDoS attacks on Russia

A series of DDoS attacks on Ukrainian defence and banking organisations last week is now being firmly attributed to Russian action Continue Reading

Zero-trust to soar in 2022, but dogged by implementation challenges

IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite Continue Reading

Edge, public cloud, security drive network transformation

Networking is starting to reflect innovations in compute and public cloud. A notable change will be how network teams view networking and security as a holistic platform. Continue Reading

DCMS taps Arqit for 5G project to provide Open RAN security by default

Quantum platform-as-a-service provider joins government’s programme to drive diversity in comms technology supply with the aim of integrating a novel quantum encryption service to enable security by default Continue Reading

MPs to debate landmark IoT security law

Proposed bill mandates tighter protections for connected products, and adds new rules for broadband roll-out into the bargain Continue Reading

New normal sees SASE, SD-WAN surge as MPLS is phased out

Research confirms that MPLS is ‘out’ and SD-WAN and SASE systems are the clear winners in enterprise networking as more and more European organisations are eliminating all on-prem datacentres, with cloud adoption steaming ahead Continue Reading

Singapore to tighten digital banking security

Banks in Singapore will have to put in place more stringent measures to combat the rise in online phishing scams targeted at bank customers in the city-state Continue Reading

Chasm exists between ‘true’ and portfolio SASE approaches

Survey of enterprise IT leaders finds little difference between respondents without SASE and those who adopted SASE product portfolios regarding issues such as trade-offs between performance and security Continue Reading

Exium, Teneo team to deliver digital experience, 5G-capable SASE platform

Work-from-anywhere IT services company and cyber security provider enter into partnership to assist lean enterprise IT teams in their transition to a secure access service edge Continue Reading

How to implement network segmentation for better security

For a network segmentation strategy to be effective and improve security, network teams need to create detailed security policies, identify each resource and use allowlists. Continue Reading

Explore 9 essential elements of network security

Network security isn't a one-size-fits-all strategy. Dive into the various segments of network security, and learn how they overlap and interact with each other. Continue Reading

What is Log4Shell - and why the panic?

In this week’s Computer Weekly, we assess the risks from Log4Shell, a new web software vulnerability described as “catastrophic”. We look at SASE – secure access service edge – which is set to be one of the networking priorities for 2022. And some victims of the Post Office IT scandal are still waiting for proper compensation. Read the issue now. Continue Reading

Security Think Tank: There’s much more to do to secure hybrid workers

Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading