Thursday, December 15, 2016

FCC Chairman Tom Wheeler to Step Down

FCC Chairman Tom Wheeler will step down on January 20, 2017.

“Serving as F.C.C. Chairman during this period of historic technological change has been the greatest honor of my professional life. I am deeply grateful to the President for giving me this opportunity. I am especially thankful to the talented Commission staff for their service and sacrifice during my tenure. Their achievements have contributed to a thriving communications sector, where robust investment and world-leading innovation continue to drive our economy and meaningful improvements in the lives of the American people. It has been a privilege to work with my fellow Commissioners to help protect consumers, strengthen public safety and cybersecurity, and ensure fast, fair and open networks for all Americans.”

http://www.fcc.gov

  • Tom Wheeler previously served as Managing Director of Core Capital Partners, a venture capital firm headquartered in Washington, D.C. Earlier in his career, he served as President of the National Cable Television Association (NCTA) from 1979 to 1984, and later as CEO of the Cellular Telecommunications & Internet Association (CTIA) until 2004.

FCC Chairman Calls for New Net Neutrality Rules



FCC Chairman Tom Wheeler announced plans to introduce new Net Neutrality rules, saying his intent is to "preserve the Internet as an open platform for innovation and expression while providing certainty and predictability in the marketplace." The announcement comes a month after the United States Court of Appeals for the D.C. Circuit ruled that the FCC overstepped its boundaries in setting Net Neutrality rules that compel broadband providers to...





FCC Eyes Residential Fiber Build-out as Condition for AT&T/DirecTV Deal


FCC Chairman Tom Wheeler has circulated a draft recommendation to his fellow FCC commissioners recommending that the AT&T/DirecTV transaction be approved with conditions concerning future fiber rollouts by AT&T. Namely, Wheeler would like 12.5 million customer locations to have access to a competitive high-speed fiber connection -- an additional build-out that is about 10 times the size of AT&T’s current fiber-to-the-premise deployment....

FCC Chairman Seeks to Extend Title II Authority to Wireless Too


FCC Chairman Tom Wheeler confirmed that he is circulating a proposal this week with his fellow commissioners that would implement and enforce open Internet protections using Title II authority. In a column published by Wired.com, Wheeler describes his proposal as "the strongest open internet protections ever proposed by the FCC." Specifically, Wheeler seeks enforceable, bright-line rules to ban paid prioritization, and the blocking and...

Bell Canada Evaluates AT&T’s Open Source ECOMP

Bell Canada is currently testing AT&T’s ECOMP platform to create and manage software-defined networks.

ECOMP, which stands for Enhanced Control, Orchestration, Management and Policy, is the software platform AT&T created to power its new network. ECOMP lets service providers quickly add features and drive down operations costs.

AT&T has committed to release its ECOMP platform as open source software in conjunction with the Linux Foundation in the first quarter of 2017.

“ECOMP represents a significant investment in the software-centric networks of the future.  We have committed to taking this investment into open source through the Linux Foundation,” said Chris Rice, senior vice president – AT&T Labs, Domain 2.0 Architecture and Design. “We welcome Bell Canada’s collaboration in driving a new network approach that is faster, more efficient and ultimately more responsive to customer needs.”

“Bell Canada is committed to leading broadband network and service innovation in Canada. We believe software-defined networks will advance the future of both wireless and wireline connectivity by adapting to customer needs quickly, and enabling a seamless user experience,” said Petri Lyytikainen, Bell’s vice president, Network Strategy, Services and Management. “We are pleased to collaborate with AT&T and other leading communications companies to evaluate the promising capabilities of the open-source ECOMP platform.”
 
“It’s exciting to see the communications industry coalescing around ECOMP,” said Jim Zemlin, executive director at the Linux Foundation. “ECOMP is the most comprehensive and complete architecture for VNF/SDN automation we have seen. AT&T has had this platform in production for over 2 years now. This technology is unique in that it’s both disruptive and battle-tested. We can’t wait to host it at the Linux Foundation and open it up to the broader developer community.”

http://www.att.com


  • In September, Orange agreed to test the platform for creating and managing its own software-defined network. Orange is the first telecom company to join AT&T’s ECOMP effort. The carriers have agreed to collaborate on open source and standardization initiatives to accelerate the standardization of SDN and NFV.

Nokia to acquire Deepfield for Big Data Analytics

Nokia agreed to acquire Deepfield, a start-up specializing in real-time analytics for IP network performance management and security.

Deepfield, which  was founded in 2011 and is based in Ann Arbor, Michigan, developed an analytics platform that identifies over 30 000 popular cloud applications and services.  Its Internet Genome tracks how traffic runs to and through networks to reach subscribers, in real time, and without the need for probes, taps and monitors in the network itself.

Nokia said it plans to couple Deepfield big data analytics with the dynamic control capabilities of open SDN platforms, such as the Nokia Network Services Platform (NSP) and Nuage Networks Virtualized Services Platform (VSP). Together, these products become the cognitive "brain" that makes real-time, automated changes to wide area networks (WANs) and datacenter networks so they can quickly adapt to changes in application demand, flow and traffic patterns. This will allow Nokia customers to drive greater network efficiency, help assure quality and enhance security - without manual intervention, and in real-time.

Nokia's service assurance and customer experience management portfolios would also leverage Deepfield's big data analytics, including per subscriber application performance, to automate actions that ensure ongoing service health and customer satisfaction.

Basil Alwan, president of Nokia's IP/Optical Networks business group, said: "We are impressed with Deepfield's unique approach to network analytics and their deployments with major providers around the globe, delivering critical visibility into how leading cloud applications and services flow through their networks. Combining Deepfield's cutting-edge analytics with Software Defined Networking techniques (SDN) will allow our customers to automate engineering and assurance processes while enhancing performance, utilization and security. We believe this capability will only increase in importance as networks and applications become more complex, diverse and dynamic."

Craig Labovitz, founder and CEO of Deepfield, said: "We are very pleased to join Nokia, a like-minded global leader in IP networking with shared values in network innovation. I look forward to leveraging the strength of Nokia's world-class customer, sales and support footprint to take our Deepfield technology worldwide. This will also give us a solid foundation from which to accelerate the creation of new value - both in the Deepfield portfolio, and in joint areas such as telemetry and automation."

http://www.nokia.com

Elenion Targets Innovation in Silicon Photonics

Elenion Technologies, a start-up headquartered in New York City with offices in San Jose, California and Munich, emerged from stealth and announced its plans to drive innovation in silicon photonics.

Elenion is backed by Marlin Equity Partners, a global investment firm that also owns Coriant. Elenion is headed by Larry Schwerin, who previously was CEO of Silicon Lightwave Services, a ground-breaking silicon photonics design services company, and Capella Intelligent Subsystems, a leading supplier of Wavelength Selective Switch technology acquired by Alcatel-Lucent in 2013. In addition, Michael Hochberg, a renowned silicon photonics expert and co-founder of Luxtera, serves as the CTO.

“Following over two years of focused R&D, including extensive coordination with Coriant, we are excited with the progress Elenion’s experienced team has demonstrated in the development of next-generation photonic integrated circuit products,” said Doug Bayerd, a principal at Marlin. “Elenion is uniquely positioned to capitalize on one of the industry’s most promising technologies and accelerate the introduction of commercially-ready advanced communications solutions.”

“Silicon photonics is redefining the economics of interconnect technologies and enabling the use of optics in exciting new markets and applications,” said Schwerin. “We look forward to working with our customers to deliver innovative photonic integrated circuit solutions that are far more complex and capable than previously possible.”

http://www.elenion.com

Databricks Raises $60 Million for Cloud Data Analytics with Apache Spark

Databricks, a start-up founded by the team that created Apache Spark, announced $60 million in Series C funding.

Databricks offers a data platform in the cloud powered by Apache Spark. The company said that as Spark's adoption moves into mainstream in large data-driven enterprises in all industries, it has seen an explosive uptick in customer demand and adoption, serving more than 400 customers today.

The funding round was led by New Enterprise Associates (NEA) and included existing Databricks investor, Andreessen Horowitz. The new funding round brings Databricks' total funding to date to $107.5 million.

"Apache Spark has enabled countless enterprises and cutting-edge early adopters to create business value through advanced analytics solutions," said Ali Ghodsi, CEO and Co-Founder at Databricks. "As Spark's adoption and the demand for our managed Spark platform continues to rise, this funding will advance our engineering and go-to-market strategies to address all of our customer's pain points as we continue to grow the Spark community."

http://www.databricks.com

Wednesday, December 14, 2016

Ten Cybersecurity Predictions for 2017

by Dr. Chase Cunningham, ECSA, LPT 
Director of Cyber Operations, A10 Networks 

The cyber landscape changes dramatically year after year. If you blink, you may miss something; whether that’s a noteworthy hack, a new attack vector or new solutions to protect your business. Sound cyber security means trying to stay one step ahead of threat actors. Before the end of 2016 comes around, I wanted to grab my crystal ball and take my best guess at what will be the big story lines in cyber security in 2017.

1. IoT continues to pose a major threat. In late 2016, all eyes were on IoT-borne attacks. Threat actors were using Internet of Things devices to build botnets to launch massive distributed denial of service (DDoS) attacks. In two instances, these botnets collected unsecured “smart” cameras. As IoT devices proliferate, and everything has a Web connection — refrigerators, medical devices, cameras, cars, tires, you name it — this problem will continue to grow unless proper precautions like two-factor authentication, strong password protection and others are taken.

Device manufacturers must also change behavior. They must scrap default passwords and either assign unique credentials to each device or apply modern password configuration techniques for the end user during setup.

2. DDoS attacks get even bigger. We recently saw some of the largest DDoS attacks on record, in some instances topping 1 Tbps. That’s absolutely massive, and it shows no sign of slowing. Through 2015, the largest attacks on record were in the 65 Gbps range. Going into 2017, we can expect to see DDoS attacks grow in size, further fueling the need for solutions tailored to protect against and mitigate these colossal attacks.

3. Predictive analytics gains ground. Math, machine learning and artificial intelligence will be baked more into security solutions. Security solutions will learn from the past, and essentially predict attack vectors and behavior based on that historical data. This means security solutions will be able to more accurately and intelligently identify and predict attacks by using event data and marrying it to real-world attacks.

4. Attack attempts on industrial control systems. Similar to the IoT attacks, it’s only a matter of time until we see major industrial control system (ICS) attacks. Attacks on ecommerce stores, social media platforms and others have become so commonplace that we’ve almost grown cold to them. Bad guys will move onto bigger targets: dams, water treatment facilities and other critical systems to gain recognition.

5. Upstream providers become targets. The DDoS attack launched against DNS provider Dyn, which resulted in knocking out many major sites that use Dyn for DNS services, made headlines because it highlighted what can happen when threat actors target a service provider as opposed to just the end customers. These types of attacks on upstream providers cause a ripple effect that interrupts service not only for the provider, but all of their customers and users. The attack on Dyn set a dangerous precedent and will likely be emulated several times over in the coming year.

6. Physical security grows in importance. Cyber security is just one part of the puzzle. Strong physical security is also necessary. In 2017, companies will take notice, and will implement stronger physical security measures and policies to protect against internal threats and theft and unwanted devices coming in and infecting systems.

7. Automobiles become a target. With autonomous vehicles on the way and the massive success of sophisticated electric cars like Teslas, the automobile industry will become a much more attractive target for attackers. Taking control of an automobile isn’t fantasy, and it could be a real threat next year.

8. Point solutions no longer do the job. The days of Frankensteining together a set of security solutions have to stop. Instead of buying a single solution for each issue, businesses must trust security solutions from best-of-breed vendors and partnerships that answer a number of security needs. Why have 12 solutions when you can have three? In 2017, your security footprint will get smaller, but will be much more powerful.

9. The threat of ransomware grows. Ransomware was one of the fastest growing online threats in 2016, and it will become more serious and more frequent in 2017. We’ve seen businesses and individuals pay thousands of dollars to free their data from the grip of threat actors. The growth of ransomware means we must be more diligent to protect against it by not clicking on anything suspicious. Remember: if it sounds too good to be true, it probably is.

10. Security teams are 24/7. The days of security teams working 9-to-5 are long gone. Now is the dawn of the 24/7 security team. As more security solutions become services-based, consumers and businesses will demand the security teams and their vendors be available around the clock. While monitoring tools do some of the work, threats don’t stop just because it’s midnight, and security teams need to be ready to do battle all day, every day.

About the Author

Dr. Chase Cunningham (CPO USN Ret.)  is A10 Networks' Director of Cyber Operations. He is an industry authority on advanced threat intelligence and cyberattack tactics. Cunningham is a former US Navy chief cryptologic technician who supported US Special Forces and Navy Seals during three tours of Iraq. During this time, he also supported the NSA and acted as lead computer network exploitation expert for the US Joint Cryptologic Analysis Course. Prior to joining A10 Networks, Cunningham was the director of cyber threat research and innovation at Armor, a provider of cloud-based cyber defense solutions. 


Yahoo! -- One Billion Accounts Compromised

Yahoo! confirmed that hackers stole data and compromised more than one billion user accounts in August 2013. The exploit was first disclosed by Yahoo! in November and is most likely different from the incident disclosed on September 22, 2016.

Separately, Yahoo previously disclosed that its outside forensic experts were investigating the creation of forged cookies that could allow an intruder to access users' accounts without a password. Based on the ongoing investigation, the company believes an unauthorized third party accessed the company's proprietary code to learn how to forge cookies. The outside forensic experts have identified user accounts for which they believe forged cookies were taken or used. Yahoo is notifying the affected account holders, and has invalidated the forged cookies. The company has connected some of this activity to the same state-sponsored actor believed to be responsible for the data theft the company disclosed on September 22, 2016.

https://yahoo.com/security-update

Yahoo Cites State Actor for Massive Security Breach

Yahoo believes a state-sponsored actor breached its network in late 2014 and may have stolen names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers from at least 500 million accounts.

Yahoo said its ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information.

http://www.yahoo.com

FBI Arrests USC Student in DDoS Sweep

The FBI announced the arrest of Sean Sharma, a graduate student at the University of Southern California, for his suspected role in a distributed denial of service (DDoS) attack against a San Francisco chat service company.  The arrest came as part of an operation aimed at users of “DDoS for hire” services. The sweep, which was coordinated from The Hague in the Netherlands by Europol’s European Cyber Crime Centre (EC3), yielded nearly three dozen arrests in 13 countries.

https://www.fbi.gov/news/stories/international-cyber-sweep-nets-ddos-attackers

Alibaba Cloud for Japan Ready for Launch

Alibaba Cloud for Japan is ready for commercial launch on December 15, 2016.

The service is provided by SB Cloud Corporation, which is a joint venture between SoftBank Corp. and Alibaba Group Holding Limited.

Alibaba Cloud, the cloud computing arm of Alibaba Group, has the largest share of the Chinese market with its services. Its services provide the critical infrastructure that supports the Alibaba Group’s e-commerce sites, which recently processed a maximum 175,000 orders per second during this year’s Singles’ Day, a large-scale sale that takes place in China on November 11.

With Alibaba Cloud, customers can use Alibaba Group hosted data centers in China, the United States, Hong Kong, Singapore and other locations in addition to those hosted by SB Cloud in Japan.

https://www.sbcloud.co.jp/

AWS London Opens for Business

Amazon Web Services officially launched its AWS London Region, offering two availability zones (data centers).  The new London Region is currently available for multiple services, including Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage Service (Amazon S3), and Amazon Relational Database Service (Amazon RDS).

The London Region joins Ireland and Frankfurt as AWS’ third European location. This brings the number of AWS Regions worldwide to sixteen, and the total number of AWS Availability Zones to 42.

https://aws.amazon.com/about-aws/whats-new/2016/12/announcing-the-aws-europe-london-region/

AT&T Connects NASA's Deep Space Network Radio Antennas

AT&T will provide a global VPN linking the giant radio antennas of NASA's Deep Space Network.

AT&T said its highly secure and reliable VPN lets NASA protect and transmit data 3x faster than before. It also lets NASA increase or decrease bandwidth on demand.

NASA’s Deep Space Network supports communications for interplanetary spacecraft missions. It also provides radar and radio astronomy observations that improve our understanding of the solar system and the larger universe.

http://www.att.com
http://deepspace.jpl.nasa.gov/about/

Arista Wins in Copyright Case Versus Cisco

A U.S. jury in the Northern District of California has found that Arista is not liable for copyright infringement related to Arista’s use of a small number of commands similar to those found in Cisco’s Command Line Interface (CLI), and does not owe damages to Cisco.

“We would like to thank the jurors and Judge Freeman for their tireless efforts. Today’s verdict represents an important victory not only for Arista but for the entire industry,” said Marc Taxay, Senior Vice President and General Counsel of Arista.

http://www.arista.com


Cisco Confirms Import Ban for Infringing Arista Products


In a blog posting, Cisco's Mark Chandler confirmed that the office of the U.S. Trade Representative has stated that the International Trade Commission’s import ban and cease and desist order covering all Arista products that infringed three core Cisco patents is now in effect. In the statement, Chandler said Cisco is prepared to bring an enforcement action if Arista violates the ban and continues to sell or support infringing products. http://blogs.cisco.com/news/protecting-innovation-facing-the-facts Cisco...


Blacksky Integrates Satellite Imagery with Data Streams

Spaceflight Industries introduced a cloud-based platform that integrates satellite imagery, social media and other data feeds – to reveal timely and relevant insights around specific topics or locations.

The new BlackSky global intelligence platform offers two major capabilities:


  • Imagery: Customers can discover, purchase and download imagery via the BlackSky platform, which currently provides access to more than 10 high-resolution imaging spacecraft including those from 21AT’s TripleSat, SIIS’s KOMPSAT, and UrtheCast’s Deimos-2. The platform will incorporate data from BlackSky’s 60-satellite constellation as it enters commercial operation in 2017. Additionally, customers can acquire real-time images by tasking partner satellite systems and soon the BlackSky constellation.
  • Insights: The platform fuses the satellite imagery with information from other sources including news outlets and social media to create curated data feeds by location (ex: port, pipeline, border) or theme (ex: geopolitical conflict, natural disasters, energy, or health/outbreak). Through machine learning, predictive algorithms and natural language processing techniques, the platform triangulates these relevant global events in time and space. Customers then receive customized results that are prioritized based on their preferences.

“Our business plan has always been to look at the planet in real time, in every spectrum, to solve real-world problems,” said Jason Andrews, chief executive officer of Spaceflight Industries. “Today we are announcing significant progress on that journey. For the first time, organizations can fuse satellite imagery with a wide array of data services contextualized in time and space.”

http://www.blacksky.com

Tuesday, December 13, 2016

Sprint Extends 2.5 GHz Spectrum with High Performance User Equipment

Sprint announced plans to leverage High Performance User Equipment (HPUE) to optimize its 2.5 GHz network coverage.

Sprint said HPUE technology, which was certified by 3GPP earlier this month, is capable of extending its 2.5 GHz coverage by up to 30 percent to nearly match its mid-band 1.9 GHz spectrum performance, including indoors where an estimated 60 to 70 percent of wireless traffic is generated. HPUE is a new power class – Power Class 2 – for end-user devices such as smartphones, and is designed to improve the performance of TDD-LTE Band 41 networks around the world. Sprint co-led the development of HPUE in conjunction with the Global TDD LTE Initiative (GTI) and companies such as China Mobile, SoftBank, Qualcomm Technologies Inc., Samsung, ZTE, Broadcom, MediaTek, Skyworks Solutions, Alcatel, Motorola, LG and Qorvo.

“HPUE is an incredible innovation that will dramatically improve the performance of our high-band spectrum and deliver an even better experience for the millions of customers on the Sprint network whether they’re streaming videos, playing games or using apps, both indoors and out,” said Dr. John Saw, Sprint CTO. “With HPUE, our customers using 2.5 GHz-capable phones can have nearly the same reach as our 1.9 GHz spectrum. This gives them all the coverage advantages of mid-band spectrum while maintaining the tremendous speed and capacity advantages of high-band spectrum.”

“The joint test between China Mobile and Sprint proved the benefits of HPUE technology, and China Mobile will continuously promote the availability and deployment of HPUE,” said Madam Yuhong Huang, Secretary General of GTI and Deputy General Manager of China Mobile Research Institute.

Sprint also confirmed that its network is ready for the initial roll-out of HPUE, including in its 250 LTE Plus markets. Samsung, one of Sprint’s most important ecosystem partners, is expected to support HPUE in devices slated for commercial launch in 2017.

Furthermore, Sprint will continue its deployment of three-channel carrier aggregation on 2.5 GHz sites. The company also anticipates leveraging a multitude of advanced technologies including multiple carrier aggregation, 256 QAM, 4x4 MIMO (multiple-input, multiple-output) and Massive MIMO to further enhance the capacity and coverage of its 2.5 GHz TDD-LTE spectrum.

http://newsroom.sprint.com/article_display.cfm?article_id=12399


IEEE Focuses on Ethics for AI and Autonomous Systems

IEEE announced the publication of the first version of Ethically Aligned Design: A Vision for Prioritizing Human Wellbeing with Artificial Intelligence and Autonomous Systems.

The document encourages technologists to prioritize ethical considerations in the creation of autonomous and intelligent technologies. A key tenet is that AI systems must be aligned to human values and ethical principles.

Contributors to the document include over one hundred global thought leaders and experts in artificial intelligence, ethics, and related issues.

“As we move towards a more fully autonomous world, the first version of Ethically Aligned Design represents a milestone for creating consensus around and developing the methodologies that will ensure humanity utilizes technology that inherently supports and prioritizes our wellbeing and values,” says Konstantinos Karachalios, managing director for IEEE Standard Association. “By providing technologists with peer-driven, practical recommendations for creating ethically aligned autonomous and intelligent products, services, and systems, we can move beyond the fears associated with these technologies and bring valued benefits to humanity today and for the future.”

Version One of Ethically Aligned Design is being released under the Attribution-NonCommercial version of the Creative Commons license for any organization to adopt or utilize, thereby helping expedite ethical considerations in the creation of autonomous and intelligent technologies.

http://standards.ieee.org/develop/indconn/ec/autonomous_systems.html

Google Relaunches Self-driving Car Project as Waymo

The Google self-driving car project has been relaunched as an independent company called Waymo.

Waymo's focus is on fully self-driving cars that operate without steering wheels or human guidance. Its test fleet currently includes modified Lexus SUVs and custom-built prototype vehicles. The company plans to add modified Chrysler Pacifica minivans soon.

https://waymo.com/

Chrysler Pacifica Minivan Joins Google's Self-Driving Car Test Fleet

Fiat Chrysler Automobiles (FCA) will integrate Google's self-driving technology into all-new 2017 Chrysler Pacifica Hybrid minivans to expand Google's existing self-driving test program.

This is the first time that Google has worked directly with an automaker to integrate its self-driving system, including its sensors and software, into a passenger vehicle.

By later this year, around 100 Pacifica minivans will be built for Google's self-driving technology. Google will integrate the suite of sensors and computers that the vehicles will rely on to navigate roads autonomously.

Google, which is testing its self-driving cars in four U.S. cities, said the self-driving Chrysler Pacifica Hybrid minivans will be tested on its private test track in California prior to operating on public roads.

http://www.fcanorthamerica.com
http://www.google.com

Huawei Proposes X-Ethernet for 5G Fronthaul/Backhaul

Huawei is proposing a new X-Ethernet variation to bring TDM-like deterministic characteristics to 5G fronthaul/backhaul deployments.

The Network 5.0 Team at Huawei’s Network Technology Laboratory, part of the company’s “Laboratory 2012,” developed the innovative X-Ethernet technology.

Huawei said X-Ethernet fundamentally solves the problem brought by the high bandwidth, determinacy, low-latency, hard isolation and low-cost requirements of 5G. X-Ethernet holds many innovative features such as a Layer 1.5 Switch, Hybrid Multiplexing and Ethernet E2E Flexible Hard Pipe. The Layer 1.5 Switch is based on the native Ethernet kernel.  Since it can avoid L2/L3 packets storage-and-forwarding, deterministic low-latency can be guaranteed. The Hybrid Multiplex technology is realized by enhancing Ethernet code block function.

Huawei has released X-Ethernet technology for 5G bearer networks at the ITU-T 2020 FG Workshop and Demo Day Wireline Technology Enablers for 5G conference in Geneva, Switzerland.

http://www.huawei.com/en/news/2016/12/Huawei-X-Ethernet-Solutions


McAfee Labs Finds 93% of Security Ops Managers Overwhelmed by Alerts

Security Operations Managers are finding it difficult to triage cyber threats due to the increasing volume of activity and growing complexity, according to a primary research study commissioned by Intel Security. The newly released McAfee Labs Threats Report details key 2016 developments in ransomware, and illustrates how attackers are creating difficult-to-detect malware by infecting legitimate code with Trojans and leveraging that legitimacy to remain hidden as long as possible.

“One of the harder problems in the security industry is identifying the malicious actions of code that was designed to behave like legitimate software, with low false positives,” said Vincent Weafer, vice president of Intel Security’s McAfee Labs. “The more authentic a piece of code appears, the more likely it is to be overlooked. Just as 2016 saw more ransomware become sandbox-aware, the need to conceal malicious activity is driving a trend toward ‘Trojanizing’ legitimate applications. Such developments place an ever greater workload on an organization’s SOC – where success requires an ability to quickly detect, hunt down, and eradicate attacks in progress.”

Some highlights:

  • Alert overload. On average, organizations are unable to sufficiently investigate 25 percent of their security alerts, with no significant variation by country or company size.
  • Triage trouble. While most respondents acknowledged being overwhelmed by security alerts, as many as 93 percent are unable to triage all potential threats.
  • Incidents on the rise. Whether from an increase in attacks or better monitoring capabilities, 67 percent of respondents reported an increase in security incidents.
  • Cause of the rise. Of the respondents reporting an increase in incidents, 57 percent report they are being attacked more often, while 73 percent believe they are able to better spot attacks.
  • Threat signals. The most common threat detection signals for a majority of organizations (64 percent) come from traditional security control points, such as antimalware, firewall and intrusion prevention systems.
  • Proactive vs. reactive. The majority of respondents claim to be progressing toward the goal of a proactive and optimized security operation, but 26 percent still operate in reactive mode, with ad hoc approaches to security operations, threat hunting and incident response.
  • Adversaries. More than two-thirds (68 percent) of investigations in 2015 involved a specific entity, either as a targeted external attack or an insider threat.
  • Causes for investigation. The respondents reported that generic malware led the list of incidents (30 percent) leading to security investigations, followed by targeted malware-based attacks (17 percent), targeted network-based attacks (15 percent), accidental insider incidents resulting in potential threats or data loss (12 percent), malicious insider threats (10 percent), direct nation-state attacks (7 percent), and indirect or hacktivist nation-state attacks (7 percent).

In the third quarter of 2016, McAfee Labs’ Global Threat Intelligence network registered notable surges in ransomware, mobile malware and macro malware:
  • Ransomware. The count of total ransomware grew by 18 percent in Q3 2016 and 80 percent since the beginning of the year.
  • Mac OS malware. New Mac OS malware skyrocketed by 637 percent in Q3, but the increase was due primarily to a single adware family, Bundlore. Total Mac OS malware remains quite low in comparison to other platforms.
  • New Malware. The growth of new unique malware dropped 21 percent in Q3.
  • Mobile malware. We cataloged more than 2 million new mobile malware threats in Q3. Infection rates in Africa and Asia each dropped by 1.5 percent, while Australia increased by 2 percent in Q3.
  • Macro malware. New Microsoft Office (primarily Word) macro malware continued the increase first seen in Q2.
  • Spam botnets. The Necurs botnet multiplied its Q2 volume by nearly seven times, becoming the highest-volume spam botnet of Q3. We also measured a sharp drop in spamming by Kelihos, which resulted in the first decline in quarterly volume we have observed in 2016.
  • Worldwide botnet prevalence. Wapomi, which delivers worms and downloaders, remained No. 1 in Q3, declining from 45 percent in Q2. CryptXXX ransomware served by botnets jumped into second place; it was responsible for only 2 percent of traffic last quarter.
http://www.intelsecurity.com/

Symantec Files Patent Complaint Against Zscaler

Symantec has filed a patent infringement lawsuit against Zscaler, asserting violation of seven Symantec patents across a variety of network security technologies including web security, data loss prevention, threat prevention, access control and antivirus techniques. This lawsuit is based on U.S. Patent Nos. 6,279,113; 7,203,959; 7,246,227; 7,392,543; 7,735,116; 8,181,036; and 8,661,498.

https://www.symantec.com/about/newsroom/press-releases/2016/symantec_1212_01

du Tests Nokia's 40 Gbps TWDM PON

Nokia has supplied its Time and Wavelength Division Multiplexing Passive Optical Network (TWDM-PON) technology to UAE-based telecommunications service provider du for testing in its lab.  The PON solution is capable of aggregate speeds of 40 Gbps.

Nokia said its unique next-generation Passive Optical Network solution will enable du to upgrade its existing GPON network to XGS-PON or TWDM-PON on a single fiber.

Jasim AlAwadi, Vice President - Network Infrastructure & Services, at du, comments: "With the increased use of smart devices and bandwidth-hungry applications by our subscribers, the demand for an ultra-fast network also keeps increasing. Keeping our customers on the top of our mind, we pioneer by introducing market-leading technologies to them. Our successful test of Nokia's TWDM-PON is proof of this. We are confident that our cooperation will take the country's journey toward IoT and smart cities to the next level."

Rima Manna, head of the du customer team at Nokia, says: "With its current strategy, du is very well positioned to evolve its network now and in the long term, and meet the customer needs of one of the leading broadband countries in the world. With this latest successful test, we reiterate our commitment to du in its endeavor to launch truly innovative services for its subscribers across the country."

http://www.nokia.com/en_int/news/releases/2016/12/13/du-prepares-for-fastest-fiber-broadband-in-the-uae-with-successful-test-of-nokias-next-generation-40-gigabit-twdm-pon-technology

Alcatel-Lucent Intros 10G TWDM-PON

Alcatel-Lucent is looking to bring down the cost of TWDM-PON (Time and Wavelength Division Multiplexed Passive Optical Networks) by allowing different types of optics to be used.  Currently, TWDM-PON requires new optics capable of providing four tunable 10 Gbps wavelengths.

Alcatel-Lucent's new ‘Universal TWDM’ solution enables operators to initially deploy one non-tunable 10 Gbps wavelength and easily add more pluggable as demand grows, providing a smooth upgrade to full TWDM without the need to replace network components, evaluate new technology, or reconfigure operations and business support systems (OSS/BSS).

“The primary obstacle for deploying new ultra-broadband infrastructure and services is the business case. Universal TWDM is Alcatel-Lucent’s innovative solution to this challenge. We are enabling operators to build upon their existing fiber investments while bringing down the total cost of ownership of TWDM technology. This means they can immediately address new high-revenue opportunities for gigabit services while knowing that their investment is future-proof,” stated Federico Guillén, president of Alcatel-Lucent’s Fixed Access Business Line.

The company noted that Universal TWDM and full TWDM-PON can co-exist with current PON technology. Alcatel-Lucent also estimates that Universal TWDM will have a cost similar to that of established 10 Gbps technologies, such as XG-PON.

http://www.alcatel-lucent.com/press/2015/alcatel-lucents-universal-twdm-technology-accelerate-deployment-superfast-gigabit-ultra-broadband