Story image

Ixia survey finds network complexity is weakening enterprise security

27 Mar 17

The first Ixia Security Report has found that it’s not just malware that’s causing havoc in organisations, but also the sheer complexity of organisations’ own networks.

The report, produced in conjunction with the ATI Research Center, found that organisations may be causing some of the trouble themselves.

According to a survey by Enterprise Management Associates, the average enterprise is using six different cloud services and network segmentation is on the rise. 

54% of organisations are monitoring less than half of those segments and 19% of companies believe their IT teams are trained on the range of network appliances they’re using.

“Organisations need to constantly monitor, test, and shift security tactics to keep ahead of attackers in the fast-paced threat landscape we all deal with today. This is especially important as new cloud services and increased IoT devices are routinely being introduced,” explains Steve McGregory, senior director of Application Threat Intelligence at Ixia. 

“To do this effectively, organisations must start by studying their evolving attack surface and ensure they have the proper security expansion measures in place. Simple but effective testing and operational visibility can go a long way to improving security,” he continues.

Additional highlights from the Ixia Security Report and ATI Research findings include:

Passwords that remain the defaults or far too predictable:

These include “root” and “admin” and also “ubnt”, the default username for AWS and other cloud platforms using Ubuntu. IoT devices featured “pi’ for the Raspberry PI. Others included “123456”, “support” and “password”. 

URI Paths and CMS exploits:

Brute force WordPress login URI paths included /xmlrpc.php and /wp-login.php. The research also found many attempts to scan the phpinfo() function and that most URIs attempted for attack were PHP based.

Malware still reigns supreme:

Malware and ransomware dominated in 2016. Top phishing targets included Facebook, Adobe, Yahoo and AOL.  Adobe was the common target for drive-by updates that delivered malware.

“Understanding your network breadth across physical, virtual, and cloud assets is critical to protecting it. We see that network segmentation adoption is on the rise, but that up to half of those segments are not being monitored,” comments Jeff Harris, Vice President of Security Solutions at Ixia.

"We anticipate that network visibility into every segment, IoT monitoring and AI will be some of the key security topics in 2017,” he concludes.

Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."