Network security strategy

Reliance on PSN may have exacerbated cyber attack impact

As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks Continue Reading

GSMA warns of potential 5G benefits loss through lack of 6GHz wireless band allocation

Trade body for the global mobile industry publishes industry ecosystem review and rails further against plans to offer the full 6GHz band to unlicensed use, warning a significant portion of the expected benefits of mid-band 5G could be lost if no additional mid-band spectrum is assigned to mobile services in the near future Continue Reading

Shift to remote work sees major rise in cyber crime

Survey finds almost four in five cyber security teams agree that recent changes to working practices have adversely affected their organisation’s cyber security, with one-fifth banning the use of public Wi-Fi by policy Continue Reading

DrayTek patches SOHO router bug that left thousands exposed

Network hardware supplier has fixed an unauthenticated RCE vulnerability in multiple routers in its Vigor line, after being alerted by Trellix researchers Continue Reading

Cato aims to bust cyber myths as it extends network protections

Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network – to explode some cyber myths Continue Reading

Vodafone, Virgin Media O2 commit to mobile access across London Underground

Global communications infrastructure provider announces that all four major mobile networks have now committed to high-speed 4G and 5G-ready mobile connectivity across the Tube network Continue Reading

Netskope focuses on network transformation with ‘elite’ advisory group

Network technologies provider announces formation of Network Visionaries group featuring former AWS, Crowdstrike execs to offer cloud, hyperscale, security and networking expertise Continue Reading

Cato Networks opens Copenhagen point of presence

Cato opens PoP in Danish capital to bolster resiliency and extend converged security and networking capabilities across Nordic region Continue Reading

Colt Technology Services gets SASE with enhanced enterprise network

Customers of enterprise network provider now have access to an integrated service that brings together the software-defined wide area network Continue Reading

A1 Telekom Austria offers VMware SD-WAN

Covering Seven Sites in the CEE Area, leading telco teams with IT services provider to offer a new range managed software-defined wide area network services Continue Reading

Ukraine cyber agency enlists Radware to protect government networks

Ukraine’s State Service of Special Communications and Information Protection is using Radware cloud DDoS protection and web application firewall services to protect the government from persistent Russian attacks Continue Reading

How TDCX is building a people-centric business

Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez Continue Reading

China using top consumer routers to hack Western comms networks

An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks Continue Reading

How zero trust unifies network virtualization

The combination of zero trust and network virtualization creates opportunities to strengthen security policies, increase cross-domain collaboration and improve overall visibility. Continue Reading

Singapore doubles down on quantum technology

The city-state is shoring up its quantum talent and quantum device manufacturing capabilities in a bid to advance its knowhow in the emerging technology Continue Reading

Mobile digital transformation – from fast to deep

The first half of 2022 has been a busy time, with much happening in the mobile industry. We consider what the rest of year might hold Continue Reading

Greggs bakes SD-WAN into shops of the future

Food retailer deploys software-defined wide area network to drive the increased use of in-shop devices and ensure consistent, high-quality bandwidth to fulfil growing demand Continue Reading

Cato Networks beefs up SASE offer with Marseilles point of presence

Point of presence in South of France port city joins SASE provider’s global private network of more than 70 PoPs worldwide, extending converged security and networking to the region while expanding in-country resiliency across key territory Continue Reading

CyberUK 22: Data-sharing service to protect public from scams

A new data-sharing service set up by the NCSC and industry partners will give ISPs access to real-time threat data that they can use to block fraudulent websites Continue Reading

NCSC pins Viasat cyber attack on Russia

UK authorities have attributed the 24 February cyber attack on the network of satellite comms company Viasat to Russia Continue Reading

Security Think Tank: Identify, assess and monitor to understand attack paths

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading

Security Think Tank: Defenders must get out ahead of complexity

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to better understand these attack pathways to fight back Continue Reading

Five TLS comms vulnerabilities hit Aruba, Avaya switching kit

Five new vulnerabilities in the implementation of transport layer security communications leave several popular switches vulnerable to remote code execution Continue Reading

Security Think Tank: Solving for complexity in the network

The modern-day abundance of IT platforms, apps and tools gives the bad guys ample opportunity to move rapidly through the network to hit critical assets. Security teams must understand these attack pathways better in order to fight back Continue Reading

Attackers enlist cloud providers in large HTTPS DDoS hit

A recent large-scale DDoS incident shows how cyber criminals are switching up their tactics to conduct more sophisticated attacks Continue Reading

Orange Business Services delivers global SD-WAN to Siemens

Digital services company and global enterprise division of the global telco teams with leading German technology firm to complete what is said to be one of the largest software-defined wide area network deployments in the world, covering 1,168 worldwide locations across 94 countries Continue Reading

SoftBank invests in Aryaka for international SD-WAN service, SD-core

With the objective of shoring up its international networking service, enabling a flexible and highly secure network that meets overseas customer needs, Japanese multinational upgrades software-defined wide area network and core Continue Reading

BT, Toshiba team on first commercial trial of quantum secured network with EY

Revolutionary computer infrastructure to be used in trial of management consultancy’s aim to connect quantum secure data transmission between its major London offices Continue Reading

US mobile network emerges as latest Lapsus$ victim

Lapsus$ extortion gang hit T-Mobile and attempted to perform SIM-swapping attacks and code theft Continue Reading

Zoom adds new round of cyber security enhancements

Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements Continue Reading

NSO Group faces court action after Pegasus spyware used against targets in UK

Three human rights activists whose phones were targeted by spyware traced to Saudi Arabia and the United Arab Emirates have begun legal action against both countries and Israel’s NSO Group Technologies Continue Reading

Hammers sign Acronis as backup and security in one

West Ham United set to replace separate backup from Veeam and a variety of security products with Acronis Cyber Protect to have backup, data protection and file share on a single platform Continue Reading

Zhadnost DDoS botnet deployed against Finland

A coordinated DDoS attack hit two government ministries in Finland at the same time as Ukrainian president Volodymyr Zelensky delivered a virtual address to the Finnish parliament Continue Reading

WatchGuard firewall users urged to patch Cyclops Blink vulnerability

The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities Continue Reading

Aryaka addresses accelerating European customer demand with Paris services PoP

As European businesses are hit by supply chain issues, telcos issues and a disrupted workforce, SD-WAN and SASE provider Aryaka claims to guarantee network and application performance through new Paris service point of presence Continue Reading

US shuts down Russia’s Cyclops Blink botnet operation

Operation by US authorities has taken the Russia-attributed Cyclops Blink botnet ‘off the board’ Continue Reading

Nasstar appointed to run new secure network on behalf of UK MoD

New SD-WAN developed for facilities management services provider as it works with Ministry of Defence to support applications ensuring secure connection to public and private cloud Continue Reading

The pros and cons of Netskope SASE

Netskope is undoubtedly a leader in the CASB market, but its limited security capabilities and lack of SD-WAN make Netskope an incomplete SASE offering. Continue Reading

SecOps and cybersecurity basics for NetOps teams

To bridge the gap between NetOps and SecOps teams, network pros should know security fundamentals, including different types of attackers, attacks and available security services. Continue Reading

Windstream claims North America’s ‘first and only comprehensive’ managed SASE

Managed communications service provider sees new bundle enabling convergence of networking and security as addressing modern-day challenges of digital business transformation, cyber security and workforce mobility Continue Reading

Two men convicted after using EncroChat cryptophones to plot killing

Evidence from the encrypted phone network EncroChat led to the conviction of two men for conspiracy to murder Continue Reading

Orange Business Services and Fortinet seal SASE partnership

Business services division of telco inks partnership with cyber security firm to gain differentiation for secure access service edge solution based on cloud-native technologies and using a dedicated global IP backbone to deliver expanded on-demand services Continue Reading

Nato Cyber Security unit tests post-quantum VPN

Nato’s Cyber Security Centre has successfully tested secure communication flows in a post-quantum world using a UK-designed VPN Continue Reading

DCMS opens consultation on telecoms cyber standards

Proposed rules will set out the specific measures telecoms providers need to take to fulfil their legal duties under the Telecommunications Security Act Continue Reading

Cloudflare: Our network is our product

Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats Continue Reading

A review of Zscaler SASE architecture

Zscaler has a strong cloud-native architecture for secure internet access. But it doesn't deliver SD-WAN or converge internet access and WAN security, leaving it with only part of a SASE platform. Continue Reading

Russia behind dangerous Cyclops Blink malware

Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk Continue Reading

Zoom gains NCSC Cyber Essentials Plus and NHS security badges

Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats Continue Reading

UK joins US in pinning Ukraine DDoS attacks on Russia

A series of DDoS attacks on Ukrainian defence and banking organisations last week is now being firmly attributed to Russian action Continue Reading

Zero-trust to soar in 2022, but dogged by implementation challenges

IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite Continue Reading

Edge, public cloud, security drive network transformation

Networking is starting to reflect innovations in compute and public cloud. A notable change will be how network teams view networking and security as a holistic platform. Continue Reading

DCMS taps Arqit for 5G project to provide Open RAN security by default

Quantum platform-as-a-service provider joins government’s programme to drive diversity in comms technology supply with the aim of integrating a novel quantum encryption service to enable security by default Continue Reading

MPs to debate landmark IoT security law

Proposed bill mandates tighter protections for connected products, and adds new rules for broadband roll-out into the bargain Continue Reading

New normal sees SASE, SD-WAN surge as MPLS is phased out

Research confirms that MPLS is ‘out’ and SD-WAN and SASE systems are the clear winners in enterprise networking as more and more European organisations are eliminating all on-prem datacentres, with cloud adoption steaming ahead Continue Reading

Singapore to tighten digital banking security

Banks in Singapore will have to put in place more stringent measures to combat the rise in online phishing scams targeted at bank customers in the city-state Continue Reading

Chasm exists between ‘true’ and portfolio SASE approaches

Survey of enterprise IT leaders finds little difference between respondents without SASE and those who adopted SASE product portfolios regarding issues such as trade-offs between performance and security Continue Reading

Exium, Teneo team to deliver digital experience, 5G-capable SASE platform

Work-from-anywhere IT services company and cyber security provider enter into partnership to assist lean enterprise IT teams in their transition to a secure access service edge Continue Reading

How to implement network segmentation for better security

For a network segmentation strategy to be effective and improve security, network teams need to create detailed security policies, identify each resource and use allowlists. Continue Reading

Explore 9 essential elements of network security

Network security isn't a one-size-fits-all strategy. Dive into the various segments of network security, and learn how they overlap and interact with each other. Continue Reading

What is Log4Shell - and why the panic?

In this week’s Computer Weekly, we assess the risks from Log4Shell, a new web software vulnerability described as “catastrophic”. We look at SASE – secure access service edge – which is set to be one of the networking priorities for 2022. And some victims of the Post Office IT scandal are still waiting for proper compensation. Read the issue now. Continue Reading

Security Think Tank: There’s much more to do to secure hybrid workers

Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading

Aryaka announces ‘all-in-one’ SD-WAN, SASE offerings for hybrid workplace

Cloud-first software-defined wide area network firm claims hybrid network innovation breakthrough, enabling businesses of all sizes to navigate change while focusing on growth and digital transformation Continue Reading

GTT teams with Palo Alto to power SASE platform

Secure access service edge platform will offer advanced security techniques, fortifying network access from any location Continue Reading

Security Think Tank: Dissecting the true value of SASE is a challenge

As a relatively nascent technology that is getting a lot of publicity, dissecting the true value of SASE is still a difficult proposition, for now Continue Reading

Security Think Tank: SASE will become operational reality

While still considered very much a buzzword, the pace of change in corporate networks and operational technology means secure access service edge (SASE) is becoming reality for many Continue Reading

Alert over spate of Iran-linked BitLocker attacks

A joint advisory from western cyber agencies warns of a campaign of ‘ongoing malicious activity’ by an Iran-linked APT group exploiting BitLocker to extort its targets Continue Reading

Sky ECC provided free cryptophones to a Canadian police force

Internal emails disclosed in a US court show how Sky Global supplied sample encrypted phones to a Canadian police force before its phone users became subject to an international police investigation Continue Reading

How zero-trust SDP can work with a VPN for remote work

Implementing software-defined perimeter and zero-trust security models with a corporate VPN adds significant layers of user and device verification and authentication. Continue Reading

Security Think Tank: What to find out before investing in SASE

Petra Wenham of the BCS shares her thoughts on what organisations need to consider as they investigate whether or not to invest in secure access service edge technology Continue Reading

BT applies Covid-19 R number modelling to threat response

A prototype cyber security tool developed at BT uses epidemiological principles to detect and respond to cyber threats Continue Reading

HPE’s Aruba networking unit hit by cyber attack

Undisclosed threat actor compromised data buckets used to run the Aruba Central cloud environment using a stolen access key Continue Reading

Evaluate the components of Cisco SASE

Cisco's SASE platform, Umbrella, has all the components of a SASE architecture, but it has a lot of integration complexity and a reliance on appliances. Continue Reading

Security Think Tank: SASE – marketing buzz or the future of security?

SASE architectures promise to prevent multiple types of cyber attacks, but deciding whether SASE is right for your organisation will require understanding whether SASE is a fit for your use cases in IT Continue Reading

Is SASE mere vendor hype? It’s more nuanced than that

There’s no doubt that SASE is being overhyped, but nevertheless the concept holds value that security teams should not discount, according to PA Consulting analysts Continue Reading

CIA sought revenge against Julian Assange over hacking tool leaks, court hears

The CIA discussed kidnapping Julian Assange after WikiLeaks published thousands of documents revealing its arsenal of hacking tools, defence lawyers tell a London court Continue Reading

Multi-government operation targets REvil ransomware group

REvil has been forced offline by a multi-government hacking operation, marking the second time in 2021 that the group has gone dark Continue Reading

LightBasin hackers breach 13 telcos in two years

Hackers have obtained an undisclosed volume of subscriber information and call metadata in a sustained campaign against telecommunications firms Continue Reading

Back on the office network: What are the risks for mobile users?

Many people are returning to offices and bringing their mobile devices with them. What are the cyber security implications of this? Continue Reading

DCMS appoints Plexal to drive telecoms diversity strategy

Government chooses UK innovation company to understand and develop the role of SMEs in the telecoms market with particular reference to how to create a diverse market that supports the creation of home-grown, sovereign technology Continue Reading

Apple scheme to detect child abuse creates serious privacy and security risks, say scientists

Apple’s plan to automatically scan photos to detect child abuse would unduly risk the privacy and security of law-abiding citizens and could open up the way to surveillance, say the world’s top cryptographic experts Continue Reading

FCA warns over future hybrid working security risks

Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure Continue Reading

AIOps adoption accelerates to improve network experiences

Research reveals heightened level of confidence and trust as companies invest in artificial intelligence to make their IT operations – networks in particular – smarter, faster and more secure Continue Reading

Microsoft thwarts mega-DDoS attack on Azure platform

2.4Tbps DDoS attack on an undisclosed Microsoft Azure customer may have been the largest ever attempted against a single target Continue Reading

Remote access vs. site-to-site VPN: What's the difference?

A remote access VPN connects remote users from any location to a corporate network. A site-to-site VPN, meanwhile, connects individual networks to each other. Continue Reading

A review of Cato Networks' SASE Cloud platform

Cato's SASE Cloud lacks some features and may require customers to replace point products to fully benefit from the platform. But Cato aligns with SASE’s cloud-native vision and is a strong contender in the market. Continue Reading

BT advances hollow core fibre research with world’s first trial of quantum-secure comms

Incumbent UK telco announces latest innovations in hollow core fibre by conducting trial of ultra-secure network communications using commercial equipment over a 6km long Lumenisity CoreSmart cable Continue Reading

Latest Microsoft zero-day being actively exploited

New Microsoft zero-day CVE-2021-40444 affects multiple versions of Windows and is probably being exploited through convincing phishing attacks Continue Reading

Berlin court reverses ban on use of EncroChat evidence in criminal trials

Berlin Superior Court allows use of EncroChat evidence in criminal trials but lawyers say the question will ultimately need to be decided by the German Supreme Court Continue Reading

Remote workers routinely bypassed security tools during pandemic

New data from Palo Alto Networks reveals that over 25% of UK security leaders saw their employees circumventing or switching off security measures at the height of the pandemic Continue Reading

Nokia presses pause on O-RAN Alliance

Citation of leading Chinese technology firms by US government department leads to Finnish comms tech giant halting activities in open comms software body Continue Reading

Extreme Networks aims to enhance SD-WAN offer with Ipanema acquisition

Cloud-driven networking company announces intent to establish second technology centre of excellence in Europe through acquisition of the SD-WAN division of Infovista Continue Reading

Investigatory Powers Tribunal finds UK spy agencies unlawfully collected personal data

Campaign groups Privacy International and Liberty are gearing up to bring further legal action after a court found that UK spy agencies unlawfully collected phone and internet records Continue Reading

Five ways to ensure remote working security and compliance

A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security Continue Reading

Sparsely staffed offices: the new post-pandemic cyber gap

With many offices still operating at limited capacity, a red teaming expert reveals how his job is getting easier, and why this is a problem Continue Reading

Legacy SonicWall kit exploited in ransom campaign

Users of older versions of SonicWall Secure Mobile Access 100 and Secure Remote Access products are at risk from a new ransomware campaign Continue Reading

ODA reaches milestone as TM Forum calls on telcos to grab cloud opportunity

Industry association set up for driving digital transformation through collaboration calls on comms providers to take advantage of industry-defining cloud native standards Continue Reading

Going back to office networks, only to dismantle them once and for all

With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading

Berlin court finds EncroChat intercept evidence cannot be used in criminal trials

In a major setback for police hacking operations, Berlin’s regional court has decided that intercepted data from the EncroChat phone network should not be used in criminal prosecutions Continue Reading

Qualcomm, Capgemini collaborate to boost 5G private network implementations for industries

Partnership between 5G comms tech provider and leading business management firm looks to improve interoperability, provide proven performance and ease deployment for clients looking to unlock benefits of 5G private networks Continue Reading

Incoherent technology investment saps motivation at mid-size businesses

Research suggests that mid-size businesses are falling into the trap of investing in technology for technology’s sake, rather than identifying what the business actually needs, with stress especially acute supporting remote working Continue Reading