Yakking About Hacking

At Dispersive, we eat, breathe and live networking technology. We also talk about it—a lot. What really gets us going are man-in-the-middle attacks. We believe their threat is underestimated, their damage incalculable, and their occurrence much too frequent in today’s hyperconnected world.

Last week, some of us were in the breakroom discussing the SYNful Knock incident. That’s the malware that compromised 199 Cisco routers in 31 countries, including 25 devices in one US ISP’s network. Unfortunately, this incident isn’t a one-off; it’s part of a disturbing trend.

For years, security administrators have focused almost exclusively on servers and networks. Router protection has been less of a priority. This has not gone unnoticed by cybercriminals. Consequently, they now attack routers much more often and enjoy greater success.

That’s the bad news. The good news is a Dispersive™ Virtualized Network deters attackers from using compromised routers. We were discussing this special ability while waiting for the microwave when someone asked a simple question that started a loud debate.

Which Dispersive™ Virtualized Network feature hacks off hackers the most?

Granted, it wasn’t the most eloquently phrased question ever uttered at Dispersive, but we got the picture. Here are the top three choices we came up with, in no particular order.

  1. A Dispersive™ VN makes data interception costlier and more complex.
    To intercept any meaningful data, even traffic that transits a compromised router, a hacker must first determine which streams belong to which transmission, then break each encryption key, and finally reassemble the packet streams correctly. The odds against accomplishing all three tasks are astronomical.
  2. A Dispersive™ VN rolls packet streams across ports and protocols.
    When deployed on a gateway between an enterprise router and firewall, our software allows packet streams not only to roll across different ports, but also to use different protocols while doing it. As it goes through the firewall, a single stream can start on a port using UDP, then switch to another port using TCP. All the while, corresponding streams in the transmission are doing something else. Since our solution only calls out from the endpoints, we don’t need administrators to poke holes in the firewall for our clients to communicate. Sound complicated? It is.
  3. A Dispersive™ VN creates subnetworks that prevent attacker access.
    When placed on a device behind an enterprise router, our software allows the enterprise to implement better access control by segmenting networks. Network devices can be easily grouped into subnetworks inaccessible to anyone outside them. This would prevent a compromised router from exfiltrating data.

And by the way, we don’t just talk to each other about compromised routers, man-in-the-middle attacks and other networking topics. We’d welcome the chance to talk to you about security best practices. Email us at info@dispersivegroup.com or call (844) 403-5852.