While there have been many intrusions, compromises, breaches, and incidents that have made news in the IT and InfoSec industries throughout 2022 and into this year, when events or threats like Storm-0558 gain coverage by mainstream media, we often get questions about Corelight’s ability to detect threats through our sensors, products & platform.
Border Gateway Protocol (BGP) is the de facto inter-domain routing protocol used on the Internet. It enables networks and organizations to exchange reachability information for blocks of IP addresses (IP prefixes) among each other, thus allowing routers across the Internet to forward traffic to its destination. BGP was designed with the assumption that networks do not intentionally propagate falsified information, but unfortunately that’s not a valid assumption on today’s Internet.
Businesses today are more dependent than ever on technology, making strong threat detection and response strategies essential. Cybercriminals in the modern world are constantly looking for new and creative ways to hack into organizational networks and steal sensitive data. Comprehensive visibility is a crucial element that sometimes receives less attention, yet it is the foundation of efficient threat detection and reaction.
Trust is hard to earn but necessary for any successful relationship. As organizations build the systems to support Zero Trust, they find themselves balancing security and functionality across their operations. Incident Response and Network Operations in particular can be full of traumatic experiences, and as we sink into those moments the typical responses are freeze, flight, or fight.
The recent Trustwave SpiderLabs report, Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape, offers a detailed look at the typical attack flow used in a variety of cyberattacks. The attack flow discussed in the report focused on what a healthcare organization might face, but for the most part, attack flows stay the same regardless of the vertical being attacked.