Part 2: General Fights Back Cybercrime in NeverHackLand
In Part 1, the general was already confronting the cyber criminals of NeverHackLand, who have had it good for too long. The general started by making sure that all computer equipment and IT systems that are part of the city network were physically secure.
He was talking about 3-factor authentication at all physical sites where IT systems are hosted. He insisted that all IT staff and operators must use strong authentication to access the complex web of network devices and buildings that make up the physical IT infrastructure of the city. All access is locked down by three factors: something you know, something you have, and something you are. For example, administrators must know a PIN, must have a secure token device, and must use their fingerprints to gain authorised access to the city’s network infrastructure.
The general goes face to face with cyber attacks at Layer 2
The general moves further into the OSI stack to secure Layer 2. He is applying army tactics and enforcing a paranoia agenda to ensure that NeverHackLand is safe from cyber criminals. Remember, as a highly decorated five-star general, money is not an issue. The general wants to make sure NeverHackLand is a city free of cyber criminals.
Enforcing Network Access Control (NAC)
The general wants to know about every piece of equipment connected to the city network infrastructure. From switches, routers, and wireless to PCs, laptops, and IoT devices, the general is enforcing NAC at all levels. All devices attempting to connect to the network must be risk assessed using advanced device profiling, behaviour analysis, machine learning, and fingerprinting. Those devices must also pass a rigorous anomaly detection check. Nothing is taken for granted. No electronic device can be trusted. All devices are vetted before being authorised to connect to the city’s network. NAC is enforced at all Layer 2 points of entry. The general is truly paranoid about Layer 2 attacks.
With strong authentication applied at every single point of entry, it is hard to see how cyber criminals will break into the physical network infrastructure. But the general is not taking any chances. All NeverHackLand IT staff are vigilant, trained in social engineering, and working closely with AI systems. It looks like the general is working at ‘Defcon 4’.
Panic in the Darkweb
Rumours are circulating in the Darkweb that the general is taking cyber defence to the next level. The general is even planning to use countermeasures such as advanced DDoS attacks to target the Darkweb infrastructure. He wants to completely take down the Darkweb. A very ambitious goal. Some cyber criminals are feeling the heat and are retraining to become whitehat security professionals. It looks like the general is making good progress.
The general closes down on IP connectivity (Layer 3)
In Part 3, the general moves further in the OSI stack to secure Layer 3. He is applying Army tactics and enforcing a paranoia agenda to ensure that NeverHackLand is safe from cyber criminals. “Any IP, anywhere, connecting to the city network infrastructure must be scanned, labelled, fingerprinted, and checked against a global IP intelligence database,” says the general.
Remember, as a highly decorated five-star general, money is not an issue. The general wants to make sure NeverHackLand is a city free from cyber criminals at any cost.
Until the next post in Part 3, stay safe and keep wise in NeverHackLand for the general is closing in on cyber criminals.
Can you help this Army general? Post your comments. Let’s make NeverHackLand safe!
- Part1 — General Fights Back Cybercrime in NeverHackLand (Layer1)
- Part2 — General Fights Back Cybercrime in NeverHackLand (Layer2)
About The Author
Marco Essomba is a network & security expert with more than a decade of experience in the field. Marco is CTO & CEO at AMPS Global, a World Class Consulting firm that enables organisations in banking, healthcare, retail, finance, insurance, and technology to design, implement, and support their digital infrastructure for the most secure and optimised delivery of Enterprise Apps. AMPS Global's core expertise is cyber security and high availability IT solutions with a unique focus on F5 Networks and Clearswift. That expertise also extends to other leading network and security products such as Check Point, Splunk, ForcePoint, RSA, and Cisco, allowing AMPS Global to deliver the best solution that will match clients' current and future requirements.