Network security strategy

Three years on, EncroChat cryptophone hack nets 6,500 arrests and seizures of €900m

French and Dutch prosecutors say three years after they infiltrated the EncroChat cryptophone network in a novel hacking operation, Europe’s courts are opening the way for more collaboration and data sharing between law enforcement agencies Continue Reading

Orange Business leads team to deliver cloud-native managed SASE to enterprises

Enterprise division of the global telco taps in-house cyber security practice and leading cyber security technology provider to offer simpler operational model for customers with end-to-end accountability, improved agility, efficiency and performance Continue Reading

How to keep network costs affordable

In this week’s Computer Weekly, as demands for networking performance and speed increase, we examine how to keep a handle on costs. Chip makers are investing in PLC technology – the next generation of flash storage – but some think it won’t be worth the effort; we investigate. And we listen in as tech industry leaders and politicians discuss the regulation of AI. Read the issue now. Continue Reading

Huawei slams EU high-risk supplier claims as against principles of free trade

Comms tech giant comes out swinging against being singled out by EC commissioner as having high-risk supplier status in 5G mobile infrastructures Continue Reading

Early June Microsoft outages were result of large-scale DDoS hit

Investigations into recent outages on Microsoft Azure and Outlook services have turned up evidence of a massive distributed denial-of-service attack Continue Reading

Extreme Networks emerges as victim of Clop MOVEit attack

Network equipment and services supplier Extreme Networks has revealed its instance of Progress Software’s MOVEit tool was compromised in the ongoing Clop cyber attack Continue Reading

Barracuda ESG users told to throw away their hardware

Owners of Barracuda Email Security Gateway appliances are being told that they will need to throw out and replace their kit after it emerged that a patch for a recently disclosed vulnerability had not done the job Continue Reading

Executive interview: DNS designer David Holtzman discusses net security

How is it possible for criminals to lure people onto fake websites? Holtzman says it’s because DNS is fundamentally insecure Continue Reading

Why we need a secure side door for encrypted apps, not a back door  

Splitting a decryption key into multiple fragments held by 'guardians', including privacy rights group, may be an answer to policing encrypted messages Continue Reading

Investigatory Powers Tribunal finds NCA EncroChat hacking warrants were lawful

Investigatory Powers Tribunal refers questions over whether messages obtained from the EncroChat encrypted phone network are legally admissible back to the criminal court Continue Reading

CW EMEA: The future of work

In this month’s CW EMEA, we look at the future of work in Europe after the pandemic forced a change in entrenched human behaviour. For years, people talked about flexible working being the way forward, but scepticism within the management of large companies held it back. This all changed when Covid-19 began to spread out of control and governments and businesses quickly told people to work from home where possible. We also look at the increasing problem of IT failures in Dutch hospitals and how they are affecting patient care, highlighting the need to improve IT security in hospitals. Read the issue now. Continue Reading

MPLS and SD-WAN fail to meet needs of modern enterprise

Study from network architect argues modern uses cases have broken the network edge, with both traditional topology and much-touted software-defined replacement not cutting it Continue Reading

Chat control: EU lawyers warn plans to scan encrypted messages for child abuse may be unlawful

Leaked legal advice warns that European ‘chat control’ proposals to require tech companies to scan private and encrypted messages for child abuse are likely to breach EU law Continue Reading

IT Priorities 2023: Distributed IT and hybrid work drive adoption of new networks

Research shows security continues to dominate networking needs, along with the need to support users wherever they are, with firms more than ready to invest in future of work initiatives Continue Reading

6 steps for rapid geographic network segmentation

When segmenting network operations in certain parts of the world, modular network design and geographic domain definition are two vital elements to consider. Continue Reading

Emergency alert test review confirmed after ‘small number’ of mobile users excluded

In wake of emergency alert test on 23 April, government confirms review into why some 4G and 5G mobile phones were excluded Continue Reading

Orange joins forces with industry, academia to build French quantum comms

Leading telco joins industry leaders, start-ups and academic players announce the official launch of a programme in charge of deploying Quantum secure communications networks in France. Continue Reading

Cisco urges users to keep its network hardware up-to-date

In the wake of a campaign of threat activity targeting a six-year-old Cisco router vulnerability, the networking giant has warned users to be on high alert and update their hardware Continue Reading

Enterprise networking sees age of SASE and network as a service

Report reveals complexity of third workspace has transformed how modern IT organisations view network and security, with 98% of IT executives planning to increase investment in cloud services Continue Reading

Tech companies and NGOs urge rewrite of Online Safety Bill to protect encrypted comms

The Online Safety Bill faces amendments in the House of Lords amid concerns that it could weaken the security of end-to-end encrypted communications for UK citizens Continue Reading

Thousands at risk from critical RCE bug in legacy MS service

Thousands of organisations worldwide are at risk from three vulnerabilities – one critical – in a legacy Microsoft service that they may not be aware they are running Continue Reading

Netskope claims hybrid work ‘revolution’ with SASE client and endpoint SD-WAN

Netskope looks to deliver consistent security and superior user experience for hybrid workers through reduced costs and complexity from extended borderless SD-WAN and SASE Continue Reading

APAC IT leaders bullish on tech spending

Over half of respondents in this year’s IT Priorities study have bigger IT budgets as they continue to make strategic investments in cyber security, cloud and automation, among other areas Continue Reading

Podcast: 2023 compliance and storage outlook

Geopolitical instability casts its shadow as organisations must think about cyber attacks, data location and what to do if things change quickly. We talk to Mathieu Gorge, CEO of Vigitrust Continue Reading

WH Smith staff data accessed in cyber attack

The retailer has said that customer data has not been affected by the incident as it is held in different systems, and that investigations into the attack are ongoing Continue Reading

3 important SD-WAN security considerations and features

Device onboarding, control plane security and data plane security are three crucial SD-WAN security considerations enterprises should research when choosing an SD-WAN vendor. Continue Reading

Russian spear phishing campaign escalates efforts toward critical UK, US and European targets

Russian hacking group Seaborgium refines its tactics in a continuation of attacks against targets including not-for-profit organisations with geopolitical affiliations Continue Reading

Killnet DDoS attacks disrupt Nato websites

A series of distributed denial of service attacks on various public websites belonging to the Nato alliance were largely repelled but some resources remain unavailable Continue Reading

Extreme extends network fabric to the edge with enhanced SD-WAN

With ever-increasing threat blanket in wide-area network, cloud networking provider announces automated workflows, user experiences and 10Gbps throughput to boost application performance, lower operating cost and reduce mean time to resolution Continue Reading

Russian hacking group Seaborgium targets SNP MP Stewart McDonald

Scottish National Party MP Stewart McDonald says his personal emails have been hacked by a group linked to the Russian state in a targeted phishing attack Continue Reading

APAC buyer’s guide to SASE

In this buyer’s guide on secure access service edge services, we look at the benefits of the technology, key considerations and the market landscape Continue Reading

Cisco fixes two bugs that could have led to supply chain attacks on users

Two vulnerabilities uncovered in Cisco hardware could have opened the door to serious supply chain cyber attacks, according to the Trellix researchers who found them Continue Reading

Russian DDoS hacktivists seen targeting western hospitals

A swathe of attacks by the Putin-supporting DDoS operation known as Killnet has targeted hospitals and other infrastructure in several Nato countries, with the UK thought to be at risk Continue Reading

Uncertainty persists, but enterprises rush to adopt network as a service

Research shows that enterprise network-as-a-service opportunities abound but comms service providers will need to overhaul investment and go-to-market strategies before adoption becomes widespread Continue Reading

How Aruba is tapping opportunities in networking

Aruba is planning to expand its product portfolio, make deeper inroads into datacentres and drive adoption of network as a service, among other efforts to tap opportunities in the networking market Continue Reading

Orange juices JDE expansion with SD-WAN

Telco’s Business Services division selected by global coffee company to secure end-to-end connectivity offerings for more than 120 locations worldwide Continue Reading

Cloudflare urged to clamp down on pirates, counterfeiters

A whitepaper produced by brand protection specialist Corsearch calls on Cloudflare to do more to stop online content piracy and sales of counterfeit goods Continue Reading

Cloudflare completes SASE offer with Magic WAN Connector

Software-defined wide-area network functionality released by online application acceleration and infrastructure provider Cloudflare to complete single-supplier secure access service edge offering Continue Reading

Warning over ransomware attacks spreading via Fortinet kit

Following the disclosure of a critical vulnerability in October 2022, Fortinet VPN devices were exploited in two known ransomware attacks, with access likely sold on the dark web Continue Reading

Top 10 networking stories of 2022

Here are Computer Weekly’s top 10 networking stories of 2022 Continue Reading

Complaints that NCA failed in duty of candour over EncroChat warrants ‘incredible’, court hears

NCA lawyers argue that a decision by an NCA intelligence officer to disclose notes of a key meeting after two-and-a-half years boosts her credibility as a witness Continue Reading

UK unis implement new IP traffic policies to combat ransomware

Jisc will introduce new measures to protect UK universities and research institutions from ransomware attacks that exploit the Remote Desktop Protocol remote-access feature Continue Reading

Cops dismantle 48 DDoS-for-hire websites

An operation combining law enforcement from the UK, US, Netherlands and Europol has disrupted 48 of the world’s most popular DDoS booter websites Continue Reading

How Zscaler is cracking APAC’s cloud security market

Zscaler’s head in Asia-Pacific and Japan talks up the company’s growth momentum in the region and what it is doing to address areas where it can do better Continue Reading

Industrial IoT focus of next NCSC startup challenge

The NCSC for Startups programme is looking for innovative ideas to encrypt and secure the industrial internet of things Continue Reading

Wireless security: WEP, WPA, WPA2 and WPA3 differences

As wireless networks have evolved, so have the protocols for securing them. Get an overview of WLAN security standards, and learn the differences among WEP, WPA, WPA2 and WPA3. Continue Reading

CityFibre identifies massive economic gains for Cheltenham, Portsmouth areas through full fibre

Leading independent gigabit broadband provider reveals positive economic and productivity impacts in Gloucestershire and south-coast cities where it has introduced full fibre, running to £145m and £335m respectively Continue Reading

Enterprises embrace SD-WAN but miss benefits of integrated approach to security

Research from managed network and security services provider finds virtually all enterprises have deployed software-defined wide area networks or plan to do so within the next 24 months, but nearly half reported they either don’t have security integrated with SD-WAN or have no specific SD-WAN security at all Continue Reading

Global network fragmentation a source of increasing risk

Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures Continue Reading

Cloud, security and automation alter networking roles

Networking pros are no longer in their own bubbles, even if they prefer it that way. The growth of cloud, security and automation is expanding traditional networking roles. Continue Reading

US authorities charge two Chinese spies over telco security probe

Two Chinese nationals have been charged with attempting to obstruct the criminal prosecution of a prominent Chinese telecoms firm Continue Reading

The Security Interviews: Why now for ZTNA 2.0?

With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network access Continue Reading

How to build a zero-trust network in 4 steps

While network teams are responsible for deploying the elements of a zero-trust network, security teams should also be involved in developing the overall zero-trust framework. Continue Reading

A gold medal performance for networking

In this week’s Computer Weekly, we find out how the IT team behind the 2022 Commonwealth Games in Birmingham delivered a winning performance. We also look at how the centuries-old London insurance market is going digital, thanks to Lloyd’s of London. And we find out how low-cost high street stores succumbed to the inevitable and are going online. Read the issue now. Continue Reading

CW APAC: Trend Watch: Cloud networking

Organisations are waking up to the importance of utilising updated cloud services. In this handbook, focused on cloud networking in the Asia-Pacific region, Computer Weekly looks at the technology’s advantages, how Cloudflare keeps its customers protected, Tata’s efforts to strengthen its offerings, and how networking and security might evolve in the future. Continue Reading

CISOs should spend on critical apps, cloud, zero-trust, in 2023

Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading

UK government presses on with new cyber rules for telcos

Government has finalised new security rules for telecoms companies and will move to make them binding in the near future Continue Reading

Amazon Ring vulnerability could have been used to spy on users

A now-patched vulnerability in the Amazon Ring mobile app could have been exploited to expose users’ video recordings, but was complex to exploit, according to the researchers who stumbled upon it Continue Reading

Ukraine war drives DDoS attack volumes ever higher

There has been a boom in distributed denial-of-service attacks in the first six months of 2022, according to a report, with Russia’s war on Ukraine helping to drive activity Continue Reading

Researcher finds 10 vulnerabilities in Cisco firewalls

At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches Continue Reading

Cisco averts cyber disaster after successful phishing attack

A potentially serious cyber attack on Cisco’s systems that began after a threat actor successfully exploited an employee’s carelessly secured credentials was thwarted without major damage Continue Reading

Seacom teams up with BT to deliver enterprise communications services across Africa

Deal with leading UK telco intended for customers of Africa’s first broadband submarine cable system to benefit from what is claimed to be world-class portfolio of network services Continue Reading

APAC organisations warm to cloud networking

Organisations in Asia-Pacific are getting up to speed with cloud networking services, even as they grapple with the challenges of managing a hybrid cloud environment Continue Reading

Reliance on PSN may have exacerbated cyber attack impact

As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks Continue Reading

GSMA warns of potential 5G benefits loss through lack of 6GHz wireless band allocation

Trade body for the global mobile industry publishes industry ecosystem review and rails further against plans to offer the full 6GHz band to unlicensed use, warning a significant portion of the expected benefits of mid-band 5G could be lost if no additional mid-band spectrum is assigned to mobile services in the near future Continue Reading

Shift to remote work sees major rise in cyber crime

Survey finds almost four in five cyber security teams agree that recent changes to working practices have adversely affected their organisation’s cyber security, with one-fifth banning the use of public Wi-Fi by policy Continue Reading

DrayTek patches SOHO router bug that left thousands exposed

Network hardware supplier has fixed an unauthenticated RCE vulnerability in multiple routers in its Vigor line, after being alerted by Trellix researchers Continue Reading

Cato aims to bust cyber myths as it extends network protections

Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network – to explode some cyber myths Continue Reading

Vodafone, Virgin Media O2 commit to mobile access across London Underground

Global communications infrastructure provider announces that all four major mobile networks have now committed to high-speed 4G and 5G-ready mobile connectivity across the Tube network Continue Reading

Netskope focuses on network transformation with ‘elite’ advisory group

Network technologies provider announces formation of Network Visionaries group featuring former AWS, Crowdstrike execs to offer cloud, hyperscale, security and networking expertise Continue Reading

Cato Networks opens Copenhagen point of presence

Cato opens PoP in Danish capital to bolster resiliency and extend converged security and networking capabilities across Nordic region Continue Reading

Colt Technology Services gets SASE with enhanced enterprise network

Customers of enterprise network provider now have access to an integrated service that brings together the software-defined wide area network Continue Reading

A1 Telekom Austria offers VMware SD-WAN

Covering Seven Sites in the CEE Area, leading telco teams with IT services provider to offer a new range managed software-defined wide area network services Continue Reading

Ukraine cyber agency enlists Radware to protect government networks

Ukraine’s State Service of Special Communications and Information Protection is using Radware cloud DDoS protection and web application firewall services to protect the government from persistent Russian attacks Continue Reading

How TDCX is building a people-centric business

Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez Continue Reading

China using top consumer routers to hack Western comms networks

An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks Continue Reading

How zero trust unifies network virtualization

The combination of zero trust and network virtualization creates opportunities to strengthen security policies, increase cross-domain collaboration and improve overall visibility. Continue Reading

Singapore doubles down on quantum technology

The city-state is shoring up its quantum talent and quantum device manufacturing capabilities in a bid to advance its knowhow in the emerging technology Continue Reading

Mobile digital transformation – from fast to deep

The first half of 2022 has been a busy time, with much happening in the mobile industry. We consider what the rest of year might hold Continue Reading

Greggs bakes SD-WAN into shops of the future

Food retailer deploys software-defined wide area network to drive the increased use of in-shop devices and ensure consistent, high-quality bandwidth to fulfil growing demand Continue Reading

Cato Networks beefs up SASE offer with Marseilles point of presence

Point of presence in South of France port city joins SASE provider’s global private network of more than 70 PoPs worldwide, extending converged security and networking to the region while expanding in-country resiliency across key territory Continue Reading

CyberUK 22: Data-sharing service to protect public from scams

A new data-sharing service set up by the NCSC and industry partners will give ISPs access to real-time threat data that they can use to block fraudulent websites Continue Reading

NCSC pins Viasat cyber attack on Russia

UK authorities have attributed the 24 February cyber attack on the network of satellite comms company Viasat to Russia Continue Reading

Security Think Tank: Identify, assess and monitor to understand attack paths

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading

Security Think Tank: Defenders must get out ahead of complexity

The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to better understand these attack pathways to fight back Continue Reading

Five TLS comms vulnerabilities hit Aruba, Avaya switching kit

Five new vulnerabilities in the implementation of transport layer security communications leave several popular switches vulnerable to remote code execution Continue Reading

Security Think Tank: Solving for complexity in the network

The modern-day abundance of IT platforms, apps and tools gives the bad guys ample opportunity to move rapidly through the network to hit critical assets. Security teams must understand these attack pathways better in order to fight back Continue Reading

Attackers enlist cloud providers in large HTTPS DDoS hit

A recent large-scale DDoS incident shows how cyber criminals are switching up their tactics to conduct more sophisticated attacks Continue Reading

Orange Business Services delivers global SD-WAN to Siemens

Digital services company and global enterprise division of the global telco teams with leading German technology firm to complete what is said to be one of the largest software-defined wide area network deployments in the world, covering 1,168 worldwide locations across 94 countries Continue Reading

SoftBank invests in Aryaka for international SD-WAN service, SD-core

With the objective of shoring up its international networking service, enabling a flexible and highly secure network that meets overseas customer needs, Japanese multinational upgrades software-defined wide area network and core Continue Reading

BT, Toshiba team on first commercial trial of quantum secured network with EY

Revolutionary computer infrastructure to be used in trial of management consultancy’s aim to connect quantum secure data transmission between its major London offices Continue Reading

US mobile network emerges as latest Lapsus$ victim

Lapsus$ extortion gang hit T-Mobile and attempted to perform SIM-swapping attacks and code theft Continue Reading

Zoom adds new round of cyber security enhancements

Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements Continue Reading

NSO Group faces court action after Pegasus spyware used against targets in UK

Three human rights activists whose phones were targeted by spyware traced to Saudi Arabia and the United Arab Emirates have begun legal action against both countries and Israel’s NSO Group Technologies Continue Reading

Hammers sign Acronis as backup and security in one

West Ham United set to replace separate backup from Veeam and a variety of security products with Acronis Cyber Protect to have backup, data protection and file share on a single platform Continue Reading

Zhadnost DDoS botnet deployed against Finland

A coordinated DDoS attack hit two government ministries in Finland at the same time as Ukrainian president Volodymyr Zelensky delivered a virtual address to the Finnish parliament Continue Reading

WatchGuard firewall users urged to patch Cyclops Blink vulnerability

The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities Continue Reading

Aryaka addresses accelerating European customer demand with Paris services PoP

As European businesses are hit by supply chain issues, telcos issues and a disrupted workforce, SD-WAN and SASE provider Aryaka claims to guarantee network and application performance through new Paris service point of presence Continue Reading

US shuts down Russia’s Cyclops Blink botnet operation

Operation by US authorities has taken the Russia-attributed Cyclops Blink botnet ‘off the board’ Continue Reading

Nasstar appointed to run new secure network on behalf of UK MoD

New SD-WAN developed for facilities management services provider as it works with Ministry of Defence to support applications ensuring secure connection to public and private cloud Continue Reading