STE WILLIAMS

Disaster recovery protection level self-assessment

Angry Bitcoin users are suspected of DDoS-ing the website of China’s central bank following tough new restrictions it levied this week which appear to have forced the world’s biggest Bitcoin exchange into meltdown.

Chinese news site 163.com (via The Diplomat) claimed that the People’s Bank of China (PBOC) web site and weibo account were down intermittently yesterday, possibly as a result of a flood of traffic from abroad.

Both appear to be working as normal today, however the bank will do well to prepare itself for a prolonged cyber backlash – there are plenty of digital currency users and traders all over the world with an eye on revenge given recent events in the Middle Kingdom.

It emerged earlier this week that the PBOC had ordered third party payment providers to stop offering clearing services to Bitcoin exchanges, following on from a previous missive on December 5 that banks were also to cease their dealings with the digi-currency.

Although the news has yet to be officially confirmed by PBOC, it seems to have forced the hand of BTC China, the world’s largest Bitcoin exchange, which on Wednesday announced it would no longer be accepting deposits in Chinese yuan.

According to some estimates, approaching half of all Bitcoin transactions in China come from third party payment providers like Tencent’s Tenpay.

The news sent the price of Bitcoin plummeting 60 per cent on BTC from a December 1 high, according to Reuters. The Chinese exchange accounts for around a third of the global Bitcoin trades.

It’s far from game over for the crypto-currency because individuals in China are still legally allowed to buy and sell Bitcoins. They just have fewer options when they choose to do so.

However, traders in the Middle Kingdom were responsible for much of the currency’s surging popularity over the past year and if things are going the way they are and Bitcoin is eventually forced from the PRC, it’ll be another big wake-up call. ®

The business case for a multi-tenant, cloud-based Recovery-as-a-Service solution

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/12/19/bitcoin_ddos_pbos_china_bank/

Disaster recovery protection level self-assessment

Santander customers are continuing to complain about receiving trojans and other junk to email addresses exclusively used with the bank. The reports began last month, prompting promises of an investigation by Santander. It’s still unclear whether email addresses leaked from the bank or one of its affiliates.

Independent experts said that fingering the source of this type of leak can be hard to determine.

We first heard of problems from Reg reader “Paul” in mid November. “In the last few days, I’ve started to receive a number of spam/virus emails sent to a unique email address only given to and used by the Santander bank to contact me,” he told us.

Checks at the time revealed that Santander had already launched an investigation in response to similar reports, as SC Magazine reported in early November.

A trojan was being sent to private email addresses that, according to complaints and reports, should only have been known by institutions including Santander Bank, the UK Government Gateway and NatWest’s FastPay service. The attacks were first detected by Belgian security firm MX Lab.

A substantial sample of the offending emails contain reference to a supposed “Direct Debiting Seminar Invite” and a trojan in an attached ZIP file, as explained in a blog post by MX Labs here.

Attacks against unique email addresses registered with Santander have continued into December, with another Reg reader reporting the problem a few days ago. It’s unclear whether or not this is the second wave of the same attack.

Reg reader “Andrew” told us: “It appears that Santander may have had a data-breach: the customised unique email address I gave exclusively to them is now being used to send me junk email, trojans.”

According to a thread on UK financial advice website Money Saving Expert, Andrew and Paul are far from the only one to run against this problem. There’s been a steady stream of reports on the issue since mid-November.

There’s no suggestion that any of the bank’s more sensitive systems are leaking, but those who submitted posts to the MSE thread are worried about the junk mail they’re receiving after email addresses supplied to the bank somehow leaked out.

In a statement, Santander told El Reg that it’s continuing to investigate a possible data breach involving email addresses supplied to them:

Our investigation is ongoing. If, when it is completed, a breech [sic] has occurred we will follow the correct procedure in reporting this to the relevant authorities.

These kind of problems crop up regularly and are far from limited to Santander. It’s a familiar story: someone receives a malicious email address in a unique email address box only used to register an account with one entity (typically a bank). They cry foul and tell us the bank must have had its email database breached. This is a regular theme of items in Vulture Central’s mailbag.

The business case for a multi-tenant, cloud-based Recovery-as-a-Service solution

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/12/19/trojans_spam_unique_email_address/

Disaster recovery protection level self-assessment

Politicians and regulators in Europe need to decide whether they want a secure mobile phone system or something their own police agencies – as well as spy agencies in the US, China and elsewhere – are able to easily tap into, according to a renowned security and privacy expert.

Christopher Soghoian, principal technologist of the speech, privacy technology project at the American Civil Liberties Union, told a European Parliament hearing on Civil Liberties, Justice and Home Affairs that keeping foreign intelligence agencies out of mobile phone traffic while allowing local cops access to it is a practical impossibility.

“The NSA employs the best hackers in the world and if they can’t get in directly they will just hack into the cops’ systems,” he said.

Soghoian told MEPs that mobile phone networks in Europe are not safe and the much-publicised interception German chancellor Angela Merkel’s mobile phone is essentially a symptom of a wider problem that’s been years in the making.

“Weaknesses in GSM have been known about for 20 years,” Soghoian said.

It used to be the case that you need government-grade surveillance equipment to intercept communications but it’s now possible for researchers, hobbyists and hackers to build interception kit for a few hundred dollars. As Soghoian explained, “mobile phone interception tech has been democratised.”

That means that the mobile phone conversations of politicians were vulnerable to spying on by paparazzi as well as creating the means for unscrupulous businessmen to hire hackers to spy on their rivals, according to the technology policy expert.

“For years there’s been a widespread failure of telco regulators to prevent threat of interception. It should not have taken the Edward Snowden revelations” to reveal this, Soghoian argued, asking rhetorically: “Regulators have intervened when it comes to roaming fees but what about data security for cellphone networks?”

“Mobile networks are insecure by design and this is not an accident. The needs of local law enforcement and intelligence come first,” he said.

If European regulators and politicians were to go down the road of building more secure telecoms networks then they would be giving up some forms of law enforcement access, though not information such as location data, which needs to be exchanged for a mobile phone system to work, and call records. But this was a price worth paying because European mobile users are “secure against nothing right now”.

There are already secure apps for smartphones but at the time of writing they require action on the part of users, so they’re not widely deployed, according to Soghoian.

Government ministers can be provided with secure phone, which tend to be more expensive. For mass adoption of encrypted voice and text, regulators need to demand it, Soghoian concluded.

A written copy of Soghoian’s testimony can be found here.

Glenn Gleenwald, chief journalistic collaborator with Edward Snowden in the ongoing release of leaked NSA secrets, appeared before the same European Parliament privacy hearing by a video link.

Greenwald told MEPs that the NSA and its allied intelligence agencies were “out to eliminate personal privacy online” by collecting all forms of electronic communication. He said that the NSA was even attempting to break into WiFi systems on aeroplanes, though he didn’t go into details and none of the politicians at the hearing picked him up on the point.

The NSA use metadata to build a network of associates and friends, something Greenwald described as “very invasive”.

“If you value privacy then it would almost be preferable to have the NSA listen in to your phone calls,” Greenwald said in an uncharacteristically semi-flippant aside.

He went on to criticise the “strange and disappointing dynamic” of European politicians welcoming greater knowledge about the actions of intelligence agencies while “turning their backs on Snowden in offering to protect him from persecution by accepting his requests for asylum.”

The lawyer-turned-journalist and privacy activist declined to answer some MEPs questions, for example on the role of intelligence agencies in Sweden, by saying reportage on these particular topics had not yet been completed. The overall, at times slightly condescending, performance was literally phoned in from Greenwald’s pad in Rio. In fairness, he did say that he’d been advised by lawyers that travel to Europe at this time would present opportunities for official harassment.

The European Parliament’s Inquiry on Electronic Mass Surveillance of EU Citizens is expected to issue a report early next year. ®

The business case for a multi-tenant, cloud-based Recovery-as-a-Service solution

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/12/19/europarl_privacy_hearing_soghoian_greenwald/

Disaster recovery protection level self-assessment

A Harvard student used internet privacy tools to send a bomb threat to his university in order to avoid taking a test, it was alleged today.

Prosecutors in Massachusetts accuse sophomore Eldo Kim of firing off an anonymous email that claimed there were a pair of explosive shrapnel-packed devices on campus.

It is alleged the emails were sent at 8.30am on December 16 to Harvard officials, the Harvard University Police Department and student-run daily newspaper the Harvard Crimson. Prosecutors said the messages listed four buildings as possible targets, one being the hall in which Kim and other students were scheduled to take their semester exams.

Investigators searched the evacuated buildings for hours, but found no evidence of any explosives. Kim, 20, was due in court today on a bomb-hoax charge following his arrest.

According to an FBI criminal complaint, Kim took basic steps to mask his identity while sending the threats. It’s claimed the emails were sent from the free Guerrilla Mail service, which was accessed via the Tor network.

Guerrilla Mail, which offers disposable webmail accounts, and Tor, which attempts to cloak a user’s IP address, are favored tools for privacy-conscious netizens, activists, whistleblowers and others operating in areas with strict government control and surveillance of web traffic.

The Feds claim they were able to use logs of the campus wireless network traffic to determine when and where a user accessed the Tor service, ultimately allowing them to trace the webmail activity back to the accused.

According to the FBI’s affidavit, Kim sent the threats as a last-ditch effort to get out of taking his final exam. If found guilty, Kim probably won’t have to worry about that test any more – the charge of sending a bomb hoax carries a maximum sentence of five years in prison and a $250,000 fine. ®

The business case for a multi-tenant, cloud-based Recovery-as-a-Service solution

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/12/18/harvard_bomb_hoax_charge/

About six months ago, the first in a series of leaks that rocked the U.S. intelligence community began to trickle out piece by piece. The source of those leaks was a former NSA contractor named Edward Snowden, a man who will likely close out the year as a fugitive from the country of his birth.

Among the most recent revelations: the NSA has spied on communications of players using online videogames such as World of Warcraft; a decryption effort known as Bullrun created to weaken encryption systems and obtain master keys; and the agency’s big data analysis and visualization system, known as Boundless Informant. The revelations about the aforementioned programs as well as the NSA’s bulk collection of phone records led to several high-profile members of the tech industry — including Google, Apple and Twitter — telling President Obama in a meeting Dec. 17 that the leaks have damaged their industry’s reputation.

And now, President Obama met today with The Review Group on Intelligence and Communications Technologies to discuss their recommendations for changes to the NSA’s surveillance programs. According to the group’s report, the NSA should stop keeping a database of telephone metadata belonging to Americans. Instead, the information should be kept either by “private providers or a private third-party.”

The panel also recommended the NSA not seek to undermine efforts to create secure encryption standards or commercial encryption products and support efforts to encourage the use of encryption technology to protect data.

“The president’s panel agreed with the growing consensus that mass electronic surveillance has no place in American society,” notes Kurt Opsahl, senior staff attorney at the Electronic Frontier Foundation. “The review board floats a number of interesting reform proposals, and we’re especially happy to see them condemn the NSA’s attacks on encryption and other security systems people rely upon. But we’re disappointed that the recommendations suggest a path to continue untargeted spying. Mass surveillance is still heinous, even if private company servers are holding the data instead of government data centers.”

As more and more information has come out about the breadth of the NSA’s programs, it has become clear that trust is broken at all levels of the Internet, says Jeff Hudson, CEO of encryption management vendor Venafi.

“How do we establish trust and authenticate in an online world? We’re quickly realizing what a world without trust looks like, and enterprises and vendors are starting just now to recognize current state and consequences,” says Hudson. “Every organization has to realize that they are under attack, likely compromised and that without the ability to detect and react to both. None stand a chance of winning the cyber battles to come without ensuring that the foundations of trust in our modern, digital world are better protected.”

Michael Sutton, vice president of security research at Zscaler, says that the tech industry is ramping up public lobbying efforts to make sure customers believe companies are doing everything in their power to keep data private.

“At the very least, the companies which enable communication online want to ensure that they are not seen as being complicit in the data collection programs outside of their legal mandates,” says Sutton. “Snowden’s revelations will result in financial damage to technology companies as foreign customers seek to avoid companies doing work in the U.S. for fear that they will have private records subpoenaed. How much damage will be inflicted remains to be seen.”

While some are quick to blame the NSA, they are losing sight of the fact that the agency is tasked with protecting the nation through intelligence gathering and will do so through any legal means it can, Sutton argues.

“The legal process will no doubt play out and some NSA activities may be curtailed as a result,” he says. “However, even if that occurs, we shouldn’t expect the NSA to stop, just alter their tactics. Those that are shocked by the scope of data gathering efforts should focus their frustration not at the NSA … but rather on the politicians that put in place a system which both allows for such broad surveillance and has implemented limited oversight to police it.”

Have a comment on this story? Please click “Add Your Comment” below. If you’d like to contact Dark Reading’s editors directly, send us a message.

Article source: http://www.darkreading.com/government-vertical/intelligence-panel-nsa-should-stop-bulk/240164881

The Washington Post late today reported that its servers were hacked and employee usernames and passwords compromised in the attack, which was detected by a contractor that monitors the news organization’s network.

Post officials today were alerted by incident response and detection firm Mandiant. Officials at the media organization believe intrusion may only have been in the works for a few days, although they do not yet have full details the breadth of the exposed information. Post employees are being urged to change their usernames and passwords, even though those passwords were encrypted.

The news organization’s publishing system, email, and employee personal information appear to be safe despite the breach, the report says.

A server used by The Post’s foreign staff was initially infiltrated, which then led to the breach of other company servers, the report says.

Chinese cyberespionage attackers are considered a likely culprit, especially given the 2011 breach of the Post’s network that had the earmarks of a cyber-spying mission out of China. That attack appeared to be part of a campaign of targeted attacks against major media outlets, human rights groups, and defense contractors. The New York Times and The Wall Street Journal were also hit in those attacks.

The Post in August was the target of the Syrian Electronic Army hacktivist group, which employed a phishing attack that resulted in a Post staff writer’s personal Twitter account being hijacked by the SEA to post its own messages. And some articles from the Post’s website were temporarily redirected to the SEA’s website.

Have a comment on this story? Please click “Add Your Comment” below. If you’d like to contact Dark Reading’s editors directly, send us a message.

Article source: http://www.darkreading.com/attacks-breaches/washington-post-servers-infiltrated-empl/240164882

BETHESDA, Md., Dec. 18, 2013 /PRNewswire-USNewswire/ — SANS today announced its tenth annual free holiday hacking challenge. This annual year-end tradition helps teach in-demand cyber security skills for defending computers and networks in a fun and entertaining fashion using classic holiday themes. This year’s challenge focuses on defending critical infrastructure systems, including power grids, water systems, and transportation infrastructures, all based on themes from the classic holiday movie, It’s a Wonderful Life.

In this modern-day retelling, George Bailey, grandson and namesake of the Jimmy Stewart character from the 1946 movie, is in charge of cyber security in Bedford Falls. Attackers attempt to hack into traffic lights, train control systems, and the water reservoir, but are repelled by George’s defenses. But, suddenly, the power grid goes out, leaving the city dark. Participants in the free challenge must match wits with these nasty cyber attackers, analyzing their techniques in-depth to help save the city and George Bailey’s life.

Based on the technical infrastructure of SANS CyberCity project, a miniaturized city featuring real power grid systems and other critical infrastructure components, this lively and informative challenge will help participants pick up valuable real-world skills in defending computer systems and the critical infrastructures they control.

The FREE holiday hacking challenge is available here

http://pen-testing.sans.org/info/146475

Ed Skoudis, SANS Institute Fellow and one of the authors of the challenge, observed, “In this challenge, our biggest and best ever, we used the components of the SANS CyberCity project to create something really special. We want to share this with people to help them build their defensive skills.”

Josh Wright, co-author of the challenge, said, “Working through this challenge, participants will explore numerous features of CyberCity, the kinetic cyber range SANS built to help train people about the kinetic impact of cyber attacks and how to defend critical infrastructures. They’ll analyze numerous attacks against the real-world industrial control systems and related components of CyberCity, trying to figure out how the bad guys targeted and exploited the town.” Ed Skoudis completed the thought, “Along the way, they’ll also see several defenses that blocked many of the attackers’ attempts, and they’ll help ensure that George Bailey and Bedford falls have a happy holiday season.”

This year’s Holiday Hacking challenge is sponsored by SANS CyberCon Spring 2014, a complete SANS training event held virtually across the Internet. Our grand prize for the very best answer is a free SANS course offered at CyberCon February 10-15, 2014, an over $4,000 value! For details and to participate, please visit: http://pen-testing.sans.org/info/146475

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest source for world-class information security training and security certification in the world, offering over 50 training courses each year. GIAC, an affiliate of the SANS Institute, is a certification body featuring over 27 hands-on, technical certifications in information security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet’s early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community.

(www.SANS.org)

Article source: http://www.darkreading.com/management/sans-tenth-annual-holiday-hacking-challe/240164885

The World Federation of Exchanges (WFE), the trade association for the world’s stock exchanges, has formed a central committee on cyber security, to work on how exchanges should go about protecting themselves from cyber attacks.

The WFE counts most of the world’s stock, option and futures exchanges among its members, and initial committee inductees include the operators behind NASDAQ and the New York Stock Exchange (NYSE), as well as exchange firms from Australia, Canada, Germany, Saudi Arabia and Switzerland.

The chair of the group will be Mark Graff, CISO of NASDAQ parent company NASDAQ OMX, who described his mission as “to combat systemic cyber abuse”.

Exchanges are a clear target for both financially-driven and politically-motivated attacks.

Terrorists and activists see exchanges as prime examples of rapacious capitalism, and consider damaging them a blow against the rich and powerful, or even against capitalist societies in general.

The world’s financial systems are a popular target for fictional supervillains too.

In terms of financially-motivated attacks, exchanges are ripe with information that could be hugely valuable, and could also be open to malicious manipulation if penetrated.

In the past, the main stock-related security issue we’ve seen has been pump-and-dump scams. These mainly targeted people dealing in stocks rather than the exchanges themselves, but some operated by hacking into trader accounts too.

This sort of scam was pretty common a few years ago, and continues to crop up from time to time.

A report commissioned by the WFE earlier this year found that 53% of exchanges had been hit by attacks in the previous 12 months, which may seem a surprisingly low figure given other attack rates reported elsewhere.

Back in 2006, a malware infection took out the Russian stock exchange for a time, while in 2009 the NYSE left potentially crucial information on its networks exposed on a public server.

In 2011, NASDAQ was hit by a possible hacking attack on one of its web applications serving data to company directors.

Later the same year, the Hong Kong exchange was downed for a while after hacking and DDoS attacks targeted its website on consecutive days.

Earlier this year, attack simulations found plenty of vulnerabilities in the US equities markets.

With all this going on, many commentators agree that it seems like well past time for the exchange community to start working together to develop countermeasures and best practices for securing their systems and networks.

Committee chair Graff claims to have been surprised by the lack of communication between security staff at different exchanges, and stressed the importance of collaboration and information-sharing.

Indeed three of the WFE committee’s four guiding principles relate directly to cooperation and sharing of ideas and data:

• Establishing a communication framework among participants based on mutual trust
• Facilitating information sharing, including threat intelligence, attack trends, and useful policies, standards and technologies
• Enhancing dialogue with policy makers, regulators and government organizations on cyber threats for fair, transparent and efficient markets
• Supporting improved defenses from both external and internal cyber-based threats against the markets.

The committee will have its work cut out setting down best practices for exchanges and getting them implemented in diverse environments around the world, especially if the first step is something as basic as getting people to talk to each other.

Let’s hope they can get things organised before any more serious breaches can be perpetrated.

Follow @VirusBtn
Follow @NakedSecurity

Image of stock exchange courtesy of Shutterstock.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/RoxTJ1pSrrg/

Disaster recovery protection level self-assessment

Seagate’s EVault cloud backup sub has launched a Glacier cloud archive competitor, priced at $15 per GB per month with instant data access and data preserved intact for decades. It will use Seagate Kinetic drives in the future.

Amazon started the cloud archive ball rolling big time with its Glacier service costing $0.01/GB/month with data retrieval access taking three – five hours. Retrieval can also cost money but Amazon says customers get five per cent of retrievals free each month.

LTS2 is EVault’s Long Term Storage Service, with data stored in EVault data centres using Seagate disk drives. The service effectively costs $0.015/GB/month; you pay half as much again as Amazon for the much faster retrieval. It is an object-based storage scheme, built on the OpenStack Swift technology, and features:

• Comprehensive SLAs for availability and data durability, portability, and survivorship.
• Continuous data integrity checking and self-healing.
• Multiple copies of data.
• Scalable—allows unlimited number of objects and containers.
• Physical media for bulk data import and export.
• Instant retrieval as it’s disk-based – five seconds first-byte latency.
• Access via Swift API, S3 API, existing backup/archive applications and 3rd-party cloud storage gateways.
• Metadata services for categorising and finding data.
• Auditable event tracking for data access monitoring.
• SSAE 16-compliant data centre infrastructure in Bluffdale, Utah.
• In-flight and at-rest data encryption via cloud gateway.

The less than five seconds to first byte latency suggests that spun-down disks could be being used, although EVault isn’t supplying any details in this area. We also suspect Seagate’s shingled magnetic recording (SMR) drives are being used but EVault is staying schtum about that too.

Seagate says it’s shipped a million SMR drives but they have not been publicly announced and Facebook, a known SMR drive using customer, is trialling WD SMT spindles, not Seagate ones. So, maybe, EVault, Seagate’s subsidiary, is the mystery recipient of a million SMR Seagate drives.

More EVault LTS2 data centres with geo-replication will be opened world-wide in 2014 to better comply with local data protection and privacy laws.

EVault has been engaged in an OpenStack project and the LTS2 service is a direct result of that. It says it’s a trustworthy supplier because it’s backed by Seagate and has some 43,000 companies using its existing cloud backup service. It says LTS2 has up to 99.999999999 per cent data durability over a given year – or “eleven nines”. It claims it is “the only cloud storage provider to include a Service Level Agreement (SLA) for durability.”

You can transfer all or a portion of your data without transfer or request fees as long as the transfer amount of data does not exceed your average monthly storage volume over the past 2 years. For data transfer out from EVault LTS2 to Internet it’s $0.07/GB over 5 per cent of the average amount of data stored.

EVault says it’s “targeting any long-term storage use case where the read is infrequent and the content stored is rich-data (i.e. large objects). Some examples are media and entertainment, medical imaging, magnetic tape replacement, and the protection of cultural and corporate history.”

LTS2 blog

You can read more about LTS2 and EVault’s OpenStack project in a blog written by EVault’s Mikey Butler, VP for IaaS research and development. He writes that: “Over the next five years EVault and Seagate will create the world’s largest, most durable, cost effective, easiest to adopt, disk archival cloud.”

Butler gives an insight into the scale of the storage involved: “Our archive cloud must exceed 8 exabytes to achieve our pricing objectives. That’s 2 million 4TB drives without resiliency overhead! … Our target is 30-40 per cent resiliency overhead at most.” Which means 2.8 million spindles at 40 per cent.

The rate of disk faults at the scale is stupendous: “Modeling done at a major university for Sandia Labs shows that at 1 million drives one can expect a significant disk fault every 6 seconds.” That rules RAID and its associated rebuilds out and makes object storage with its self-healing characteristics the only feasible way to go.

The current eleven-nines of data durability isn’t enough: “We want 13+-nines of durability with objects distributed across multiple disks, storage nodes, data centres, [and] geographic risk zones.”

The blog conforms that spin-down disks are used: “We want our cloud to have 93 per cent of the drives powered down at any one time with the remaining 7 per cent powered up and providing object location and health information.”

Kinetic drives coming

Butler says LTS2 will use Seagate’s Kinetic drives: “Kinetic is a dramatic re-imagining of the disk drive. Instead the familiar SATA, SAS or SCSI block storage device, Kinetic is an Ethernet-connected, object-friendly key value drive with a generous amount of compute on board! Now disk drives can do much more on their own helping us more easily address many of the above mentioned challenges. For example, with Kinetic, it is now possible for drives to do object consistency checking and inter-drive object migration on their own without servers being in the data path, which implies fewer servers … LOVE IT!”

LTS2 pricing details are here and you can access a service FAQ here. ®

Bootnote See also Quantum’s Q-Cloud as an alternate cloud backup and archive service, priced from as little as $0.01/GB/month once you have 72TB of stored data, and faster data retrieval including local storage-based restores off a front-end DXi appliance.

Quick guide to disaster recovery in the cloud

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/12/18/evault_launches_fasterthanglacier_cloud_archive/

Redwood City, USA, December 18, 2013 ̶ NominumTM, the provider of integrated subscriber, network, and security solutions for communication service providers (CSPs), today announced the launch of its Vantio CacheServe 5.4 software, which introduces ground-breaking rate limiting technology to allow CSPs to minimize the effect of DNS amplification attacks on network performance.

Nominum’s Vantio CacheServe 5.4 introduces industry-leading precision policies which can be used to rate limit DNS traffic based on specific criteria, including by type of query, by client IP or response size.

The release of the latest version of Vantio CacheServe follows the worldwide launch of Nominum’s network security solution Vantio ThreatAvert last month. ThreatAvert combines the power of the Vantio CacheServe and its precision policies with the Global Intelligence Xchange (GIX) platform, a real-time database of malware threats, to provide a foundational security layer to protect CSPs from threats emanating from within networks.

Vantio CacheServe DNS software has a proven track record of defending against multiple attacks including botnet related activities, malware exploits, DNS amplification, DoS / DDoS, and outbound spam. The latest version of the software includes upgrades allowing:

– Improved broadband subscriber experience during an attack by increasing bandwidth availability and decreasing the response time of DNS infrastructure

– Increased protection of server and bandwidth resources

– A reduction in the number of customers impacted by attacks, resulting in fewer complaints

Hari Krishnan, Director of Product Management, Nominum, says: “Sophisticated DNS amplification attacks are becoming an increasingly common problem for CSPs, who have a responsibility to their end-users to deploy the most advanced protection for network infrastructure to minimize impact to customer experience.

“Nominum is committed to developing ground-breaking security solutions to help CSPs protect themselves, and their customers, by leveraging the expertise derived from our rich heritage in developing the DNS architecture used by CSPs around the world.”

Craig Sprosts, VP of Product Management, Nominum, says: “The new precision policies that have been applied to Vantio CacheServe and Vantio ThreatAvert provide the only way to stop the latest DNS amplification attacks using the DNS itself, without blocking legitimate traffic. Only a month ago we launched Vantio ThreatAvert, which combines precision policies with the unique capability of Nominum’s GIX platform to detect attacks days, or even hours, before alternative solutions. The additional precision policies available in this release, plus the real-time threat updates delivered by GIX, provide unmatched protection against this critical threat to our customers worldwide.”

About Nominum

Nominum provides innovative software that leverages DNS data to deliver a reliable, safe and personalized Internet experience for Communication Service Providers and their subscribers. The company’s Vantio tm DNS Software and N2 applications arm CSP’s to avert insider threats that could impact network availability and reputation. Nominum enables CSPs to engage with customers to deliver unique services and revenue opportunities and to build brand loyalty. Today, Nominum’s carrier-grade software processes over 1.5 trillion queries daily and is deployed by the largest fixed and mobile operators worldwide. Nominum is a global organization headquartered in Redwood City, CA

Article source: http://www.darkreading.com/end-user/nominum-launches-tool-to-minimize-effect/240164874