
Blue Ridge puts you first by staying AHEAD of the predictions

Blue Ridge Networks’ mission is simple: we’ll spare you the corporate hyperbole and say we want to protect you and your interests from the malicious forces out there who seek to damage you, disrupt your operations, and steal the things you work hard to create. While there are those out there who would gladly destroy your business, BRN is working diligently to protect it.

Our solutions are being more widely deployed in the industry because they work, and Blue Ridge is proud to announce that with the end of June we mark another month with zero reported breaches. That’s zero reported breaches – ever. In fact, our methods are so iron tight that in Gartner’s Top 8 Cybersecurity Predictions for 2022-2023, they declare that 60% of organizations will embrace Zero Trust as a starting point for security by 2025. They note this will require a “cultural shift and clear communication that ties it to business outcomes to achieve the benefits,” and that is exactly what Blue Ridge Networks is here to do for you.

Although the Gartner article referenced above says this shift will occur by 2025, we obviously recommend you don’t wait. In the same article, they also prophesy that by 2025, threat actors will have weaponized operational technology environments to cause human casualties. We believe this capability already exists, and KNOW our solutions can stop these catastrophic attacks before they begin.

The war on critical infrastructure is here

By John Higginbotham
CEO, Blue Ridge Networks

The cyberwar on critical infrastructure is here. Unlike past cyberattacks, which were traditionally motivated by profit, the goal now seems to be the destruction of Western society. Corporate leaders in America should listen to President Biden when he says it’s our patriotic duty to be vigilant and protect ourselves from Russian cyberattacks amid the invasion of Ukraine.

This isn’t the first war Blue Ridge Networks has been through, and I doubt it will be the last. But it’s clear this war has the potential to change everything. That’s why we are protecting our clients on the frontline and urging IT leaders to reimagine what they’re doing to insulate their networks from bad actors.

Recently, Ukrainian officials said they thwarted a Russian cyberattack that could have knocked out power for 2 million people in the country. About a month ago, Anonymous hackers attacked the pipelines and refineries of Rosneft Deutschland, the German subsidiary of a Russian state-owned oil company, as part of an effort to punish Russian interests for the war in Ukraine.

I bring up these two specific attacks not only because of their national security implications, but also because they demonstrate that increased attacks are coming from both state actors and loosely aligned groups whose members may never be fully identified.

The IT world is trained to approach cybersecurity problems in an environment of visibility—determining who is accessing your network from where for what effect. But the biggest problems we face today come from our lack of perfect visibility. Gartner has estimated there is insufficient visibility in up to 70 percent of network operations in critical infrastructure to assess vulnerabilities. Breaches increasingly occur from unknown and undetectable threats. Most breaches aren’t discovered until months or even years after the fact. Our critical infrastructure can’t afford to wait that long. When the problem reveals itself, it’s already too late.

Traditional cybersecurity products based on detection and response methodologies are increasingly ineffective in protecting against zero-day malware, which has no virus definitions or signatures. Even heuristic and AI scanning can’t protect against many forms of sophisticated, targeted new cyberthreats designed to avoid detection. IT cybersecurity approaches are often not compatible with legacy operational technology (OT) infrastructure such as industrial control systems, rendering them vulnerable to cyberattacks. Healthcare, transportation, energy, agricultural, water management, and other critical infrastructure sectors now all face incredible risks to maintain operations in this zero trust environment.

Innovative zero-trust solutions designed to prevent breaches from occurring, such as LinkGuard and AppGuard from Blue Ridge Networks, are able to protect critical infrastructure and operations by eliminating vulnerabilities to cyberthreats. LinkGuard effectively segments networks, isolating and containing vital network assets from discovery and data exfiltration. AppGuard breach prevention uses patented techniques to stop ransomware and other zero-day threats without detection. These solutions elegantly remove the dependency, complexity, and overhead to autonomously prevent breaches.

We’re all in this together. Blue Ridge Networks is committed to making it easier and more effective for businesses to do our patriotic duty to protect ourselves and our national assets.

Why a VPN Is Not Enough for Secure Remote Access

Cybersecurity Ventures predicts there will be 6 billion internet users by 2022 (75% of the projected world population of 8 billion) — and more than 7.5 billion internet users by 2030. VPNs have been around nearly as long as the internet, earning their keep as a means of connecting remotely to a private network over a public connection. The appeal is justified, as VPNs are easy to use, cost-effective and boost productivity by enabling remote users to securely access company resources from anywhere. VPNs and other remote network access software are so commonplace now that most enterprises assume that by using them they have checked off necessary security boxes, and are still as secure as they were 10 years ago. But hackers have proven that VPNs alone are not a sufficient security strategy.

For even the best managed enterprise networks, vulnerabilities are created when network access needs to be provided to non-employees — i.e. contractors, business partners and others. One of the most high-profile examples is the Target breach in 2013, in which attackers worked their way into the company’s network by compromising a third-party vendor. Hackers are developing advanced techniques of identifying vulnerable points of entry — and it only takes one — with many breaches capitalizing on remote access given to members of the extended enterprise.

In January, Cisco released an alert for customers using network security devices and software that support VPN connections configured with their WebVPN clientless VPN software. It was found that firewalls, security applications and other devices configured with WebVPN were vulnerable to web-based network attacks that could give attackers full control of devices. The vulnerability was given a Common Vulnerability Scoring System rating of Critical.

Balancing Productivity with Network Security

In addition to telework, establishing third-party connections to critical business applications is necessary for most enterprises to support day-to-day business operations. Gaps in security infrastructures arise when companies prioritize productivity over security, balking at the idea of adding security measures that make individuals jump through hoops to get to the information they need. While most IT leaders recognize the value of authentication to enhance user logins, many of the leading market options, such as RSA SecurID and smart cards (used by the U.S. government), put too much burden on the end user and are quite expensive.

Two-factor Authentication is the Key to Truly Secure Remote Connectivity

For the typical enterprise, user discretion is involved in order for them to prove who they are to get access to corporate resources, which could be considered the root of the problem. Leaving authentication in the hands of the user is a surefire way for mistakes to happen. After all, when’s the last time you made a mistake? An even bigger challenge is authenticating third-party users who don’t have the built-in foundation of a solid cryptographic VPN, which makes it impossible and impractical to authenticate them. Without that level of credentialing, you may as well be having a private conversation with a stranger.

When enterprises think about cybersecurity, many turn to the guiding principles in the CIA triad — confidentiality, integrity and availability. But when it comes to VPNs there’s a missing element: authentication. Without strong authentication in place, you cannot be assured of confidentiality.

At Blue Ridge Networks, our LinkGuard platform checks all the security boxes, including built-in, mutual mandatory authentication. By leveraging built-in authentication, our solution doesn’t depend on user discretion to access enterprise resources, taking the risk and vulnerability out of the equation. When a user enters their PIN to establish a session, the LinkGuard appliances authenticate each other’s identity autonomously and create an end-to-end encrypted tunnel. Establishing the end-to-end encrypted tunnel ensures that no information is sent in the clear, greatly reducing the attack surface of that subnet.

VPNs Add to Network Complexity

Remote access aside, VPNs contribute to one of the biggest fundamental problems with traditional networking – complexity. When third-party contractors, vendors and partners need to remotely access enterprise resources, IT teams already must jump through hoops to configure firewall policies, VLANs, routing rules, Network Address Translations (NATs) and Access Control Lists (ACLs). Adding a VPN to manage and configure adds to the overall complexity of network configuration management which, in turn, could lead to greater security vulnerabilities.

Based on the Zero Trust methodology, LinkGuard provides the highest level of security autonomously – seamlessly protecting and connecting your most critical infrastructure and assets and allowing your IT teams to focus on more critical functions. LinkGuard enables secure connectivity and future-proof breach prevention across the enterprise – wherever it’s needed, without costly or time-consuming IT overhead.

VPNs are practical for users who need access to non-critical information, but for those who need access to sensitive information, a VPN simply isn’t enough to ensure privacy. LinkGuard appliances allow enterprises to connect, isolate/contain, cloak and manage networks, users and devices from one point to another through end-to-end encrypted tunnels instantly, without the need to establish or configure complex and time-consuming rules and policies. This approach not only enables a seamless and secure networking environment, but also cloaks the devices protected by the LinkGuard appliances, which makes them invisible to other networks.

 


How to Improve Network Security by Breaking It Apart

“If it ain’t broke, don’t fix it.” Despite the continued acceleration of cybercrimes, a shocking number of organizations take this line of thinking when it comes to cybersecurity.

If you have been lucky enough to remain unscathed from the latest wave of sophisticated cyberattacks, you probably assume that your existing security technology is working just fine. However, if you haven’t been breached yet, there’s a very good chance that you eventually will. Or, that you have and you don’t even know it.

Of the countless organizations that have been victims of an attack, most aren’t sure how it occurred or what to do about it. In fact, a recent survey by Bitdefender found that among companies who’ve been breached, three out of four CIOs don’t know how it happened.

This surge of cyberattacks shows no signs of stopping. Two billion records were stolen in the first half of 2017, according to a survey by Gemalto — a 164 percent increase over the previous year.

How Cyber Attackers Get In

In 2015, there were about 15.4 billion Internet-connected devices. According to IHS Markit, this number will grow to 30.7 billion in 2020, and 75.4 billion by 2025. While cyber attackers continue to evolve and advance their methods, we are seeing recurring techniques emerge. One of the most common patterns begins with identifying the lowest common denominator, such as a poorly managed device, and working their way to the core of operations to extract information. This means that a company’s cyber resiliency is no better than its weakest link.

The growth of IoT and network-connected operational technology (OT) systems, such as ATMs, point-of-sale devices and security cameras, has created opportunities for companies to enhance the customer experience and accelerate innovation, but has also opened the door to major data vulnerabilities.

Let’s look back to the 2015 attack on Ukraine’s power grid, which disrupted electricity for more than 230,000 customers. It was later determined that hackers gained access to the utility’s SCADA network and manually switched off power to electrical substations. While security experts found that the control systems at the utility were robust, separated from the control center business networks with strong firewalls, they weren’t secure enough. As a result, hackers were able to hijack employees’ SCADA network credentials to take control and disrupt power to a significant number of Ukrainian residents.

Neutralize Breaches by Taking Network Segmentation to the Next Level

The reality is that there are certain parts of a business which have no reason to be visible to the rest of the world and therefore should not be connected to even a well-defined perimeter. It is time to take network segmentation to the next level — making IT and OT undiscoverable from each other.

This involves completely isolating the OT that supports enterprise operations, which was never intended to be publicly accessible, from vulnerabilities inherent in an IT environment. However, this needs to be done without disruption to the way employees work, giving staff the freedom to perform their functions and access what’s needed to do their jobs well.

At Blue Ridge Networks, we help companies ensure that their networks are protected from vulnerable connected devices. Our LinkGuard platform isolates and contains network environments, creating secure enclaves that ensure the privacy and integrity of all traffic and eliminate the risk of unauthorized access. Only pre-authenticated endpoints are authorized to access the secure enclaves and LinkGuard-enabled endpoints uphold policies to ensure that nothing can leave or enter the secure enclave, avoiding the risk of malware incursion or data theft.

Preventing Cyber Attacks – The Shift Starts from the Top-down

The threat of malicious network attacks is very real, and it is time for companies to decide that falling victim to a breach because of ineffective defenses is simply not an option. Security planning and policies cannot just live in the IT department. A commitment to improved cybersecurity has to start from the top, with board and C-level executives making cybersecurity a top priority and actively engaging with IT to better understand what’s being done today and where improvements can and should be made. When leadership and IT partner together to improve the company’s security posture, executives can trust IT decision makers to make needed strategic security investments and improvements and, in turn, IT can trust that leadership will support it.

Tomorrow is a new day, and with it comes new attack vectors utilized and new companies caught off guard and victimized. Traditional cybersecurity approaches are broken — attackers are all too aware. It’s time to take action and isolate your operational infrastructure to keep it safe from IT vulnerabilities.

Want to learn more? Read our LinkGuard solution brief to find out how you can isolate and contain your network.

Are You Protected from Spectre and Meltdown Processor Vulnerabilities?

Another week, another security vulnerability in the headlines. This one is especially bad and extremely widespread. Meltdown and Spectre leverage flaws in processors from Intel and AMD and in ARM-licensed processors that enable a variety of sophisticated cyberattacks. For these vulnerabilities to be exploited, an attacker must be able to load or construct a specific sequence of instructions on the target system, which is already a common occurrence with application malware today. Unfortunately, the scope of these vulnerabilities and the fact that they exploit weaknesses directly on processors means there are some hard truths to keep in mind.

Reality number one: no software-based cyber security solution can completely mitigate the threats that these newly discovered vulnerabilities have created.

Reality number two: this is just the beginning of these side-channel attacks. Attackers are getting increasingly sophisticated about circumventing current security methodologies, studying all aspects of hardware and software to detect and capitalize on vulnerabilities faster than ever before.

While enterprises have been working to mitigate the apparent threats via released patches from Microsoft and others, it’s been a wake-up call to many that a new approach to cybersecurity is needed.

The Implications for AppGuard and EdgeGuard

AppGuard for endpoint security provides a new level of protection that doesn’t focus on the detection of malware, but rather on the prevention. It prevents breaches from occurring by disrupting the earliest and subsequent stages of cyberattacks that are undetectable by other endpoint cybersecurity solutions. AppGuard prevents malware from detonating without requiring scanning, updates, or signature-based detection.

Since attacks are stopped at the first stage, most of the attack vectors used to trigger Spectre and Meltdown are halted. Other tools only act after malicious code detonates. This not only exposes endpoints to greater harm but also increases the amount of IT resources needed in the enterprise.

We extend that unique security to remote access with our EdgeGuard solution, enabling users to turn almost any laptop or desktop into a trusted terminal. Here’s a quick look at the implications of Spectre and Meltdown on those devices as well.

EdgeGuard may provide the best enterprise protection from endpoint PCs with this vulnerability. Even if the native OS software has been previously subverted, EdgeGuard loads its own OS and user application. The EdgeGuard design excludes the execution of externally introduced software that could use Spectre/Meltdown vulnerabilities to attack EdgeGuard during the user session, which in turn could harm the enterprise.

With EdgeGuard, any prior successful attacks on the underlying PC are made irrelevant for the duration of the session because the device is isolated from the underlying operating system. EdgeGuard includes its own host OS as well as the virtual RemoteLink and virtual desktop thin client that provides the end-user interface into enterprise servers. It creates a formidable barrier to establishing the attack precondition for a chosen code execution. All components are stateless and the boot media is never written to, with the end user left with no means to load and execute programs locally.

Cybercrime damage costs will hit $6 trillion annually by 2021. We continue to believe, as do our customers, that Blue Ridge Networks solutions provide the most robust security available against current and evolving threats. We’re simply more secure and the proof is the results. In 20 years of providing cybersecurity solutions, there has not been one reported breach of our solutions.

Interested in learning more? Contact us to speak with a cybersecurity expert today.
