Case Studies

Cisco addresses the security issues in its routers

The company's experts also offered insight into how it approaches security and the global threat landscape in general

Cisco Live 2019 Security Panel

A selection of Cisco's cyber security team joined together to form a panel at Cisco Live on Tuesday, addressing members of the press and fielding questions relating to the current state of global cyber security while also offering an insight into how the company approaches the hot topic when building its security products.

Advertisement - Article continues below

What a lot of people don't know is that Cisco is the largest enterprise cyber security company in the world - it's not just a networking firm, which is why hearing from a panel of experts is a valuable resource of insights into the state of cyber security around the world.

Cisco's stance on cybersecurity is that it wants to bring the 60+ different security products a business uses into one unified threat management tool, streamlining the security process.

A security company can streamline its processes all it likes but if it still lets its customers down, then it will have some things to answer for. Cisco has been the victim of its fair share of cyber security incidents this year already, most notable Thrangrycat - a critical flaw in its equipment thought to be unpatchable by experts.

What's been done to address Thrangrycat?

Thrangrycat is a term given by researchers to a pair of vulnerabilities in Cisco's routers that would allow hackers to remotely control enterprise-grade routers, allowing them access to a business' entire network.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Although Steve Martino, CISO at Cisco, said that every product that's shipped is checked so it adheres to Cisco's secure development lifecycle (CSDL) - a set of policies and tools to ensure products are built to a good specification - some fail through human error.

"We have 30,000 carbon units called humans that build these software products and occasionally they're going to make a mistake, said Martino. "They have many priorities around features, velocity, getting things to market, doing things securely and sometimes things are going to slip through.

"There is no modern piece of software built today that is bug-free or security flaw free; there just isn't, it just doesn't happen. So, what we have to be able to do is find those flaws, fix those flaws quickly and responsibly. So, I can't give you a root cause for [Thrangrycat] but, we really do take that very, very seriously."

Advertisement - Article continues below

It seems Martino seemed to sidestep the crux of the question, other issues were also on the minds of Cisco Live attendees, namely DNS hijacking attacks.

Can you comment on the wave of DNS attacks and why they're happening?

Over the past year, another emerging threat that's been growing in popularity and one that's targeted national governments is DNS hijacking attacks. The US government, Cisco and other major cyber security companies have warned over the new pervasive threat that's claimed middle-eastern governments and companies as its victims.

A DNS attack is supremely damaging, in the wave of attacks on the Middle East over the past year, attackers were able to steal login credentials from people in government and private bodies in Lebanon and the UAE. Successful DNS hijacking also allows attackers to obtain SSL certificates to decrypt intercepted email and VPN credentials. Cisco is scared that it could be the next big trend for cyber criminals to follow.

"Unfortunately for us, when we start manipulating the DNS system on a global scale everyone sees it and that is incredibly bad because there's one thing that I think we can all agree about the internet - when bad guys find a technique that's successful, other bad guys are going to see those same techniques and copy them," said Craig Williams, director of outreach at Cisco Talos.

Advertisement - Article continues below

"Right now, those types of manipulations and DNS redirections are only really going to affect nation states attacking other nation-states," he added. "I have concerns that, in the future, normal bad guys - cyber criminals - are going to utilise the same techniques. So, it's something we need to keep an eye on, it's something we need to take seriously."

To stay protected, Williams recommends regularly patching systems, mitigating vulnerabilities and enabling multi-factor authentication. "There's no reason not to be using multi-factor authentication anymore," he said. "Everyone knows how to use it, my mum can use it, it's on her Facebook - so turn it on."

Cisco's approach to security

Conference attendees were also keen to hear more about Cisco's approach to cyber security going forward and how it plans on protecting its customers. Three main takeaways were pulled from the panel discussion, the first of which is that security is moving towards the endpoint and the end device.

Advertisement - Article continues below

"Being able to provide security controls, perimeter device, user-to-application-to-data is absolutely where take our discussions - it's no longer a single-product conversation," said John Maynard, VP global security sales.

Visibility and integration are two goals that drive Cisco's security product development too. Not only does the company want to unify those 60+ threat prevention tools and vendors as mentioned earlier, but it wants to inform customers why Cisco's tools are doing what they're doing.

"[Cisco's security portfolio] not only defends, but gives me insights into why it's defending things," said Martino. "We collect on our own network 4TB of data every day to help us further defend our network and our infrastructure and that visibility is really key."

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now
Advertisement
Advertisement

Recommended

Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Visit/business/policy-legislation/356215/senators-propose-a-bill-aimed-at-ending-warrant-proof-encryption
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/business/policy-legislation/356256/uk-invested-about-ps500m-in-wrong-gps-satellites
Policy & legislation

UK gov buys "wrong" satellites in £500m blunder

29 Jun 2020
Visit/security/34616/the-top-password-cracking-techniques-used-by-hackers
Security

The top 12 password-cracking techniques used by hackers

12 Jun 2020