Network security strategy

Uncertainty persists, but enterprises rush to adopt network as a service

Research shows that enterprise network-as-a-service opportunities abound but comms service providers will need to overhaul investment and go-to-market strategies before adoption becomes widespread Continue Reading

How Aruba is tapping opportunities in networking

Aruba is planning to expand its product portfolio, make deeper inroads into datacentres and drive adoption of network as a service, among other efforts to tap opportunities in the networking market Continue Reading

Orange juices JDE expansion with SD-WAN

Telco’s Business Services division selected by global coffee company to secure end-to-end connectivity offerings for more than 120 locations worldwide Continue Reading

Cloudflare urged to clamp down on pirates, counterfeiters

A whitepaper produced by brand protection specialist Corsearch calls on Cloudflare to do more to stop online content piracy and sales of counterfeit goods Continue Reading

Cloudflare completes SASE offer with Magic WAN Connector

Software-defined wide-area network functionality released by online application acceleration and infrastructure provider Cloudflare to complete single-supplier secure access service edge offering Continue Reading

Warning over ransomware attacks spreading via Fortinet kit

Following the disclosure of a critical vulnerability in October 2022, Fortinet VPN devices were exploited in two known ransomware attacks, with access likely sold on the dark web Continue Reading

Top 10 networking stories of 2022

Here are Computer Weekly’s top 10 networking stories of 2022 Continue Reading

Complaints that NCA failed in duty of candour over EncroChat warrants ‘incredible’, court hears

NCA lawyers argue that a decision by an NCA intelligence officer to disclose notes of a key meeting after two-and-a-half years boosts her credibility as a witness Continue Reading

UK unis implement new IP traffic policies to combat ransomware

Jisc will introduce new measures to protect UK universities and research institutions from ransomware attacks that exploit the Remote Desktop Protocol remote-access feature Continue Reading

Cops dismantle 48 DDoS-for-hire websites

An operation combining law enforcement from the UK, US, Netherlands and Europol has disrupted 48 of the world’s most popular DDoS booter websites Continue Reading

How Zscaler is cracking APAC’s cloud security market

Zscaler’s head in Asia-Pacific and Japan talks up the company’s growth momentum in the region and what it is doing to address areas where it can do better Continue Reading

Industrial IoT focus of next NCSC startup challenge

The NCSC for Startups programme is looking for innovative ideas to encrypt and secure the industrial internet of things Continue Reading

CityFibre identifies massive economic gains for Cheltenham, Portsmouth areas through full fibre

Leading independent gigabit broadband provider reveals positive economic and productivity impacts in Gloucestershire and south-coast cities where it has introduced full fibre, running to £145m and £335m respectively Continue Reading

Enterprises embrace SD-WAN but miss benefits of integrated approach to security

Research from managed network and security services provider finds virtually all enterprises have deployed software-defined wide area networks or plan to do so within the next 24 months, but nearly half reported they either don’t have security integrated with SD-WAN or have no specific SD-WAN security at all Continue Reading

Global network fragmentation a source of increasing risk

Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures Continue Reading

US authorities charge two Chinese spies over telco security probe

Two Chinese nationals have been charged with attempting to obstruct the criminal prosecution of a prominent Chinese telecoms firm Continue Reading

The Security Interviews: Why now for ZTNA 2.0?

With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network access Continue Reading

A gold medal performance for networking

In this week’s Computer Weekly, we find out how the IT team behind the 2022 Commonwealth Games in Birmingham delivered a winning performance. We also look at how the centuries-old London insurance market is going digital, thanks to Lloyd’s of London. And we find out how low-cost high street stores succumbed to the inevitable and are going online. Read the issue now. Continue Reading

CW APAC: Trend Watch: Cloud networking

Organisations are waking up to the importance of utilising updated cloud services. In this handbook, focused on cloud networking in the Asia-Pacific region, Computer Weekly looks at the technology’s advantages, how Cloudflare keeps its customers protected, Tata’s efforts to strengthen its offerings, and how networking and security might evolve in the future. Continue Reading

CISOs should spend on critical apps, cloud, zero-trust, in 2023

Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading

UK government presses on with new cyber rules for telcos

Government has finalised new security rules for telecoms companies and will move to make them binding in the near future Continue Reading

Amazon Ring vulnerability could have been used to spy on users

A now-patched vulnerability in the Amazon Ring mobile app could have been exploited to expose users’ video recordings, but was complex to exploit, according to the researchers who stumbled upon it Continue Reading

Ukraine war drives DDoS attack volumes ever higher

There has been a boom in distributed denial-of-service attacks in the first six months of 2022, according to a report, with Russia’s war on Ukraine helping to drive activity Continue Reading

Researcher finds 10 vulnerabilities in Cisco firewalls

At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches Continue Reading

Cisco averts cyber disaster after successful phishing attack

A potentially serious cyber attack on Cisco’s systems that began after a threat actor successfully exploited an employee’s carelessly secured credentials was thwarted without major damage Continue Reading

Seacom teams up with BT to deliver enterprise communications services across Africa

Deal with leading UK telco intended for customers of Africa’s first broadband submarine cable system to benefit from what is claimed to be world-class portfolio of network services Continue Reading

APAC organisations warm to cloud networking

Organisations in Asia-Pacific are getting up to speed with cloud networking services, even as they grapple with the challenges of managing a hybrid cloud environment Continue Reading

Reliance on PSN may have exacerbated cyber attack impact

As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks Continue Reading

GSMA warns of potential 5G benefits loss through lack of 6GHz wireless band allocation

Trade body for the global mobile industry publishes industry ecosystem review and rails further against plans to offer the full 6GHz band to unlicensed use, warning a significant portion of the expected benefits of mid-band 5G could be lost if no additional mid-band spectrum is assigned to mobile services in the near future Continue Reading

Shift to remote work sees major rise in cyber crime

Survey finds almost four in five cyber security teams agree that recent changes to working practices have adversely affected their organisation’s cyber security, with one-fifth banning the use of public Wi-Fi by policy Continue Reading

DrayTek patches SOHO router bug that left thousands exposed

Network hardware supplier has fixed an unauthenticated RCE vulnerability in multiple routers in its Vigor line, after being alerted by Trellix researchers Continue Reading

Cato aims to bust cyber myths as it extends network protections

Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network – to explode some cyber myths Continue Reading

Vodafone, Virgin Media O2 commit to mobile access across London Underground

Global communications infrastructure provider announces that all four major mobile networks have now committed to high-speed 4G and 5G-ready mobile connectivity across the Tube network Continue Reading

Netskope focuses on network transformation with ‘elite’ advisory group

Network technologies provider announces formation of Network Visionaries group featuring former AWS, Crowdstrike execs to offer cloud, hyperscale, security and networking expertise Continue Reading

Cato Networks opens Copenhagen point of presence

Cato opens PoP in Danish capital to bolster resiliency and extend converged security and networking capabilities across Nordic region Continue Reading

Colt Technology Services gets SASE with enhanced enterprise network

Customers of enterprise network provider now have access to an integrated service that brings together the software-defined wide area network Continue Reading

A1 Telekom Austria offers VMware SD-WAN

Covering Seven Sites in the CEE Area, leading telco teams with IT services provider to offer a new range managed software-defined wide area network services Continue Reading

Ukraine cyber agency enlists Radware to protect government networks

Ukraine’s State Service of Special Communications and Information Protection is using Radware cloud DDoS protection and web application firewall services to protect the government from persistent Russian attacks Continue Reading

How TDCX is building a people-centric business

Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez Continue Reading

China using top consumer routers to hack Western comms networks

An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks Continue Reading

Singapore doubles down on quantum technology

The city-state is shoring up its quantum talent and quantum device manufacturing capabilities in a bid to advance its knowhow in the emerging technology Continue Reading

Mobile digital transformation – from fast to deep

The first half of 2022 has been a busy time, with much happening in the mobile industry. We consider what the rest of year might hold Continue Reading

Greggs bakes SD-WAN into shops of the future

Food retailer deploys software-defined wide area network to drive the increased use of in-shop devices and ensure consistent, high-quality bandwidth to fulfil growing demand Continue Reading

Cato Networks beefs up SASE offer with Marseilles point of presence

Point of presence in South of France port city joins SASE provider’s global private network of more than 70 PoPs worldwide, extending converged security and networking to the region while expanding in-country resiliency across key territory Continue Reading

CyberUK 22: Data-sharing service to protect public from scams

A new data-sharing service set up by the NCSC and industry partners will give ISPs access to real-time threat data that they can use to block fraudulent websites Continue Reading

NCSC pins Viasat cyber attack on Russia

UK authorities have attributed the 24 February cyber attack on the network of satellite comms company Viasat to Russia Continue Reading

Security Think Tank: Identify, assess and monitor to understand attack paths

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading

Security Think Tank: Defenders must get out ahead of complexity

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to better understand these attack pathways to fight back Continue Reading

Five TLS comms vulnerabilities hit Aruba, Avaya switching kit

Five new vulnerabilities in the implementation of transport layer security communications leave several popular switches vulnerable to remote code execution Continue Reading

Security Think Tank: Solving for complexity in the network

The modern-day abundance of IT platforms, apps and tools gives the bad guys ample opportunity to move rapidly through the network to hit critical assets. Security teams must understand these attack pathways better in order to fight back Continue Reading

Attackers enlist cloud providers in large HTTPS DDoS hit

A recent large-scale DDoS incident shows how cyber criminals are switching up their tactics to conduct more sophisticated attacks Continue Reading

Orange Business Services delivers global SD-WAN to Siemens

Digital services company and global enterprise division of the global telco teams with leading German technology firm to complete what is said to be one of the largest software-defined wide area network deployments in the world, covering 1,168 worldwide locations across 94 countries Continue Reading

SoftBank invests in Aryaka for international SD-WAN service, SD-core

With the objective of shoring up its international networking service, enabling a flexible and highly secure network that meets overseas customer needs, Japanese multinational upgrades software-defined wide area network and core Continue Reading

BT, Toshiba team on first commercial trial of quantum secured network with EY

Revolutionary computer infrastructure to be used in trial of management consultancy’s aim to connect quantum secure data transmission between its major London offices Continue Reading

US mobile network emerges as latest Lapsus$ victim

Lapsus$ extortion gang hit T-Mobile and attempted to perform SIM-swapping attacks and code theft Continue Reading

Zoom adds new round of cyber security enhancements

Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements Continue Reading

NSO Group faces court action after Pegasus spyware used against targets in UK

Three human rights activists whose phones were targeted by spyware traced to Saudi Arabia and the United Arab Emirates have begun legal action against both countries and Israel’s NSO Group Technologies Continue Reading

Hammers sign Acronis as backup and security in one

West Ham United set to replace separate backup from Veeam and a variety of security products with Acronis Cyber Protect to have backup, data protection and file share on a single platform Continue Reading

Zhadnost DDoS botnet deployed against Finland

A coordinated DDoS attack hit two government ministries in Finland at the same time as Ukrainian president Volodymyr Zelensky delivered a virtual address to the Finnish parliament Continue Reading

WatchGuard firewall users urged to patch Cyclops Blink vulnerability

The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities Continue Reading

Aryaka addresses accelerating European customer demand with Paris services PoP

As European businesses are hit by supply chain issues, telcos issues and a disrupted workforce, SD-WAN and SASE provider Aryaka claims to guarantee network and application performance through new Paris service point of presence Continue Reading

US shuts down Russia’s Cyclops Blink botnet operation

Operation by US authorities has taken the Russia-attributed Cyclops Blink botnet ‘off the board’ Continue Reading

Nasstar appointed to run new secure network on behalf of UK MoD

New SD-WAN developed for facilities management services provider as it works with Ministry of Defence to support applications ensuring secure connection to public and private cloud Continue Reading

Windstream claims North America’s ‘first and only comprehensive’ managed SASE

Managed communications service provider sees new bundle enabling convergence of networking and security as addressing modern-day challenges of digital business transformation, cyber security and workforce mobility Continue Reading

Two men convicted after using EncroChat cryptophones to plot killing

Evidence from the encrypted phone network EncroChat led to the conviction of two men for conspiracy to murder Continue Reading

Orange Business Services and Fortinet seal SASE partnership

Business services division of telco inks partnership with cyber security firm to gain differentiation for secure access service edge solution based on cloud-native technologies and using a dedicated global IP backbone to deliver expanded on-demand services Continue Reading

Nato Cyber Security unit tests post-quantum VPN

Nato’s Cyber Security Centre has successfully tested secure communication flows in a post-quantum world using a UK-designed VPN Continue Reading

DCMS opens consultation on telecoms cyber standards

Proposed rules will set out the specific measures telecoms providers need to take to fulfil their legal duties under the Telecommunications Security Act Continue Reading

Cloudflare: Our network is our product

Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats Continue Reading

Russia behind dangerous Cyclops Blink malware

Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk Continue Reading

Zoom gains NCSC Cyber Essentials Plus and NHS security badges

Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats Continue Reading

UK joins US in pinning Ukraine DDoS attacks on Russia

A series of DDoS attacks on Ukrainian defence and banking organisations last week is now being firmly attributed to Russian action Continue Reading

Zero-trust to soar in 2022, but dogged by implementation challenges

IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite Continue Reading

DCMS taps Arqit for 5G project to provide Open RAN security by default

Quantum platform-as-a-service provider joins government’s programme to drive diversity in comms technology supply with the aim of integrating a novel quantum encryption service to enable security by default Continue Reading

MPs to debate landmark IoT security law

Proposed bill mandates tighter protections for connected products, and adds new rules for broadband roll-out into the bargain Continue Reading

New normal sees SASE, SD-WAN surge as MPLS is phased out

Research confirms that MPLS is ‘out’ and SD-WAN and SASE systems are the clear winners in enterprise networking as more and more European organisations are eliminating all on-prem datacentres, with cloud adoption steaming ahead Continue Reading

Singapore to tighten digital banking security

Banks in Singapore will have to put in place more stringent measures to combat the rise in online phishing scams targeted at bank customers in the city-state Continue Reading

Chasm exists between ‘true’ and portfolio SASE approaches

Survey of enterprise IT leaders finds little difference between respondents without SASE and those who adopted SASE product portfolios regarding issues such as trade-offs between performance and security Continue Reading

Exium, Teneo team to deliver digital experience, 5G-capable SASE platform

Work-from-anywhere IT services company and cyber security provider enter into partnership to assist lean enterprise IT teams in their transition to a secure access service edge Continue Reading

What is Log4Shell - and why the panic?

In this week’s Computer Weekly, we assess the risks from Log4Shell, a new web software vulnerability described as “catastrophic”. We look at SASE – secure access service edge – which is set to be one of the networking priorities for 2022. And some victims of the Post Office IT scandal are still waiting for proper compensation. Read the issue now. Continue Reading

Security Think Tank: There’s much more to do to secure hybrid workers

Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading

Aryaka announces ‘all-in-one’ SD-WAN, SASE offerings for hybrid workplace

Cloud-first software-defined wide area network firm claims hybrid network innovation breakthrough, enabling businesses of all sizes to navigate change while focusing on growth and digital transformation Continue Reading

GTT teams with Palo Alto to power SASE platform

Secure access service edge platform will offer advanced security techniques, fortifying network access from any location Continue Reading

Security Think Tank: Dissecting the true value of SASE is a challenge

As a relatively nascent technology that is getting a lot of publicity, dissecting the true value of SASE is still a difficult proposition, for now Continue Reading

Security Think Tank: SASE will become operational reality

While still considered very much a buzzword, the pace of change in corporate networks and operational technology means secure access service edge (SASE) is becoming reality for many Continue Reading

Alert over spate of Iran-linked BitLocker attacks

A joint advisory from western cyber agencies warns of a campaign of ‘ongoing malicious activity’ by an Iran-linked APT group exploiting BitLocker to extort its targets Continue Reading

Sky ECC provided free cryptophones to a Canadian police force

Internal emails disclosed in a US court show how Sky Global supplied sample encrypted phones to a Canadian police force before its phone users became subject to an international police investigation Continue Reading

Security Think Tank: What to find out before investing in SASE

Petra Wenham of the BCS shares her thoughts on what organisations need to consider as they investigate whether or not to invest in secure access service edge technology Continue Reading

BT applies Covid-19 R number modelling to threat response

A prototype cyber security tool developed at BT uses epidemiological principles to detect and respond to cyber threats Continue Reading

HPE’s Aruba networking unit hit by cyber attack

Undisclosed threat actor compromised data buckets used to run the Aruba Central cloud environment using a stolen access key Continue Reading

Security Think Tank: SASE – marketing buzz or the future of security?

SASE architectures promise to prevent multiple types of cyber attacks, but deciding whether SASE is right for your organisation will require understanding whether SASE is a fit for your use cases in IT Continue Reading

Is SASE mere vendor hype? It’s more nuanced than that

There’s no doubt that SASE is being overhyped, but nevertheless the concept holds value that security teams should not discount, according to PA Consulting analysts Continue Reading

CIA sought revenge against Julian Assange over hacking tool leaks, court hears

The CIA discussed kidnapping Julian Assange after WikiLeaks published thousands of documents revealing its arsenal of hacking tools, defence lawyers tell a London court Continue Reading

Multi-government operation targets REvil ransomware group

REvil has been forced offline by a multi-government hacking operation, marking the second time in 2021 that the group has gone dark Continue Reading

LightBasin hackers breach 13 telcos in two years

Hackers have obtained an undisclosed volume of subscriber information and call metadata in a sustained campaign against telecommunications firms Continue Reading

Back on the office network: What are the risks for mobile users?

Many people are returning to offices and bringing their mobile devices with them. What are the cyber security implications of this? Continue Reading

DCMS appoints Plexal to drive telecoms diversity strategy

Government chooses UK innovation company to understand and develop the role of SMEs in the telecoms market with particular reference to how to create a diverse market that supports the creation of home-grown, sovereign technology Continue Reading

Apple scheme to detect child abuse creates serious privacy and security risks, say scientists

Apple’s plan to automatically scan photos to detect child abuse would unduly risk the privacy and security of law-abiding citizens and could open up the way to surveillance, say the world’s top cryptographic experts Continue Reading

FCA warns over future hybrid working security risks

Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure Continue Reading

AIOps adoption accelerates to improve network experiences

Research reveals heightened level of confidence and trust as companies invest in artificial intelligence to make their IT operations – networks in particular – smarter, faster and more secure Continue Reading