Urban security learning


On urban security, what can UK cities learn from Israel? asks Maya Canetti, Director of Product Marketing at the network security product company Allot Communications.

Israel has long been a global leader in the provision of urban security. As old-school detection methods such as video cameras and radio chatter work alongside social media monitoring, cyber defence and the analysis of big data, prevention and defence security technology has had to keep pace with an evolving threat landscape. So, what can UK cities learn from the Israeli approach? Specifically, security leaders in UK cities must ensure:

Protection against volumetric attacks such as DDoS (Distributed Denial of Service) attacks

Network Behavior Anomaly Detection (NBAD) technology should be deployed to best address the scale, diversity and fragmented nature of DDoS attacks. Israeli service providers have been targeted over the years by various threat actors trying to paralyse public networks or systems, interrupt service, or simply demonstrate their skills or malicious capabilities. The first line of defence for Israeli service providers combines several technologies. Proactive static defence using traffic shaping limits the traffic to each resource's capacity and ensures that critical infrastructure elements protecting the network, such as firewalls and routers, cannot be overwhelmed by a DDoS attack. Dynamic inline DDoS protection then surgically mitigates attacks when they occur, without over-blocking legitimate users' traffic. The multi-layer approach has proven to be effective and successful in protecting against major attacks such as the well-known coordinated DDoS attacks organised by hacker group #opIsrael.

Preventing the next WannaCry

In recent years the spread of ransomware has been intensifying worldwide. The majority of ransomware uses the same technique. Innocent users are first lured into accessing a compromised site or file, such as an email attachment, which injects malware. Once downloaded to the endpoint, this malware encrypts the endpoint's entire data and demands a ransom to decrypt it. The recent, famous WannaCry ransomware, which severely disrupted networks and businesses worldwide, also used this technique. It was distributed via email, compromised sites and SMB (Server Message Block, a basic protocol in Windows to communicate in a LAN). Network-based anti-malware technology can effectively detect infected emails and prevent their download, as well as block access to compromised sites for millions of endpoints before they can encrypt any data.

QoE/QoS (Quality of Experience/Service) for high priority communications and mission critical applications

The rapid increase in IoT device sprawl has brought ultra-HD surveillance cameras into homes in order to make them safer and smarter. This causes a dramatic increase in both the number of devices and the network resources they consume, congesting service providers' networks and creating a real challenge: how to make sure that homeland security traffic, which uses the same limited resources and requires real-time inspection, is not impacted or disturbed. Many Israeli cities use video surveillance to strengthen their security. With application awareness and traffic management, which identify the unique patterns of homeland security cameras vs. home cameras and other devices, high priority network traffic can be prioritised so it will flow uninterrupted at all times. This technology is used by operators in Israel to make sure that military, law enforcement or government communications are uninterrupted and prioritised in emergencies such as terror attacks.

A combination of these approaches is crucial for any major city looking to maintain the security of its infrastructure at all times.