Page 67 - Cyber Defense eMagazine - November 2017

ENHANCE CYBER THREAT HUNTING THROUGH OPTICAL NETWORK ANALYTICS

CYBER INTELLIGENCE OFFICIALS NEED DATA MINING CAPABILITIES TO TRACK MALICIOUS ACTIVITY ON GLOBAL TRANSPORT NETWORKS

               REQUIRES


               by Mike Seidler, Product Marketing Manager, NetQuest Corp.


Global optical transport networks have a little-known secret that keeps cybercriminals up at night: It's called analytics. Every time an attack is launched, whether it is theft of Equifax user data or one of an estimated 4,000 ransomware attacks that occur daily, malicious actors leave a trail of data that could be used to uncover their activities. Analytics derived from the physical transport network can be employed to give cyber threat hunters an advantage in collecting this data.

Cyber intelligence officials often don't see the data that could identify criminal activity because it is typically obscured by contemporary monitoring methods that strip away and discard information that could be used to locate malicious activity.

Additionally, rapid technology changes occurring across long-haul transport networks are making it more difficult to search for cyber threats. Accelerating transmission speeds and exponentially expanding traffic volume further impede efforts to gain real-time visibility across all of the pipes that feed into modern optical transport networks.

That could all change as analytics and orchestration take a large role in network access and monitoring technology. Providing greater information on where and when attacks occur could lead to the type of intelligence that turns the tables on cyber terrorists.

Modern cyber intelligence applications hunt down aggressors and malicious activity. Successful solutions should proactively and iteratively search through networks or datasets to discover and react to advanced threats that evade traditional rule- or signature-based security solutions.

This search starts with comprehensive traffic visibility because cyber intelligence agents cannot find what they cannot see. Trained cyber analysts will rely on automated tools that correlate information from data collected across multiple platforms to provide actionable intelligence. A combination of skilled professionals and capable tools provides the necessary backdrop for successful threat hunting.







                         Copyright © 2017, Cyber Defense Magazine,  All rights reserved worldwide.