The wildly successful app NextDoor helps users to stay informed about neighborhood happening by offering crowd-sourced news on local events—be it good (yard sales, services) or bad (break-ins, crime). It’s the kind of situational awareness that can pay big dividends. A string of home break-ins may lead to lock your door at night or investment in a home security system, for example. If you only focused on your home, and not the neighborhood, you never would have seen it coming.
Apply this to network security teams. They are intensely focused on what is happening inside their networks. They are under great pressure to find hidden threat actors before they breach the organization. We’re living in a time where a single cyberattack can impact tens of millions of people, and no security professional wants that to happen to their organization.
Achieving Greater Visibility
Since the dawn of the internet era, network and security teams have been seeking greater visibility. Where are the threats hiding? We can’t stop what we can’t see!
In recent years, this challenge has grown exponentially as cloud computing emerged and those well-defined corporate silos were discarded for the new economics of cloud computing. Today, data and critical applications are spread across multiple cloud providers, making the challenge even greater.
In the connected world, you must always consider interdependences. It’s no longer enough to obsess about your network and your digital assets alone. They are part of a broader, connected ecosystem. For an application to run effectively across a multi-cloud environment, there are a lot of factors at play. The same goes for security. Who has access to your network beyond your employees and users? What about your vendors? How can a botnet in Asia impact your business?
Introducing Cyber Threat Horizon
We want to answer those questions. It’s why NETSCOUT launched Cyber Threat Horizon, a new threat intelligence portal designed to give companies the situational awareness they need to better protect their business by more fully understanding the threat landscape and its interdependencies.
According to Hardik Modi, NETSCOUT senior director of threat intelligence, having a global perspective comes naturally to NETSCOUT. “Since 2007, when we launched our ATLAS threat intelligence infrastructure, we have started with a global view of the threat landscape. We have long believed that context was key in security, in understanding threats, how they form, evolve, and target certain businesses. For our researchers, having a global view of threat enables them to deliver better protection at the local level.”
Modi continued, “Our objective with Cyber Threat Horizon is to enhance situational awareness for key stakeholders—those who care about how attack activity impacts organizations like themselves worldwide. The network and security intelligence delivered via ATLAS gives customers a considerable competitive advantage, as it allows them to compare and contrast what they are seeing on their own network with a macro view of global internet traffic and threats.”
When launched at the RSA conference in febrero de 2007, 30 ISPs contributed 3Tbps of global internet traffic to ATLAS. Today, ATLAS has more than 400 participating network operators contributing more than 150Tbps of global internet traffic. With this unique purview, Modi’s team of security researchers can deliver vital insights into the latest attack trends and attacker activities on a global basis.
The Threat Intelligence Report
The recently released Threat Intelligence Report is an example of the powerful combination ATLAS global threat intelligence and NETSCOUT security research. The new report examines attack activity in the first half of 2019, including nation-state, advanced persistent threat (APT) groups, IoT vulnerabilities, crimeware operations, and Distributed Denial of Service (DDoS) attack campaigns.
For the first time, NETSCOUT has made some of the underlying ATLAS data available to the public on the new Cyber Threat Horizon portal:
- Users can now search ATLAS data by attack type, size, target, by country, and by industry.
- Summary reports are available highlighting global DDoS attack activity, including a global attack summary, attack frequencies, volume, speed, source countries and source destinations.
If you are a network engineer responsible for uptime, for example, wouldn’t it be beneficial to know what kind of DDoS attacks are targeting others in your industry and region? If you knew that new attacks were targeting applications at your largest competitor, you could proactively tune your perimeter defenses. Just as with neighborhood activity, if you wait until the bad actors knock on your door, it’s too late. Situational awareness is about insights and preparation, having the most up-to-date and relevant information.
The combination of the Threat Intelligence Report and the Cyber Threat Horizon portal provides users with the data they need to gain a comprehensive view of the threat landscape, helping them understand what is happening around them, to companies like theirs (competitors) or companies they’re interested in (partners and customers).
In the connected world, no organization exists as an island. We’re all part of a broad technology ecosystem. NETSCOUT’s goal is to help organizations see and understand what is happening beyond their own borders so that they can use this information to better tune their own defenses against these emerging threats.
Visit the Cyber Threat Horizon portal.
Download the new NETSCOUT Threat Report.