New CSE Report Provides Warning That Critical Infrastructure Networks in Canada are At High Risk of Attack: What You Need To Do Now (LONG READ)

No Gravatar

A recent report from the CBC covering a new intelligence assessment from the Communications Security Establishment (CSE) has highlighted the very real threat against Canada’s critical infrastructure, such as the electricity supply.  The CSE has intimated that state-sponsored actors are sharpening their cyber capabilities to enable an attack that will be used to intimidate or prepare for future online assaults.  While the report focused primarily on Canada’s Critical Infrastructure, we believe same applies to all our customers, worldwide.

The report has provided some extremely interesting findings. Here are some that we would like to directly highlight:

“State-sponsored actors are very likely attempting to develop cyber capabilities to disrupt Canadian critical infrastructure, such as the supply of electricity, to further their goals. We judge that it is very unlikely, however, that cyber threat actors will intentionally seek to disrupt Canadian critical infrastructure and cause major damage or loss of life in the absence of international hostilities. Nevertheless, cyber threat actors may target critical Canadian organizations to collect information, pre-position for future activities, or as a form of intimidation.”

First Finding – The probing that is occurring is focused on ‘collecting’ information. Next, 

“In 2019, Russia-associated actors probed the networks of electricity utilities in the US and Canada. Iranian hacking groups have targeted ICS infrastructure in rival nations, including the US, Israel, and Saudi Arabia. North Korean malware has been found in the IT networks of Indian power plants, and US utility employees have been targeted by Chinese state-sponsored cyber threat actors.”

Second Finding – The probing that is occurring is not just focused on the infrastructure but also on the ‘employees’.   As we’ve seen in the past, employees can often be a weak link in the security chain.  The report goes further, stating, 

“We assess that cybercriminals will very likely increase their targeting of ICS in the next two years in an attempt to place increased pressure on critical infrastructure and heavy industry victims to promptly accede to ransom demands.”

Third Finding – There is a critical connection between Industrial Control System (ICS) threats and ransomware.  In one case, state actors are using threats to ICS in order to force the victim to pay the ransom or face monetary loss through operation shutdowns due to safety concerns.  Here is the statement, 

“We assess that cybercriminals will very likely increase their targeting of ICS in the next two years in an attempt to place increased pressure on critical infrastructure and heavy industry victims to promptly accede to ransom demands.”

“Since January 2019, at least seven ransomware variants have contained instructions to terminate ICS processes. The impact of these attacks on ICS varies according to the specific circumstances of the industrial process and the reaction of the site staff. In June 2020, a car manufacturer halted production at most of its North American plants, including one in Canada, “to ensure safety” after very likely being hit by one of these ransomware variants.

Fourth Finding –  Ransomware campaigns,  in order to increase their success, are becoming more focused on Big Game Hunting (BGH).  Threatening ICS is hence becoming part of these BGH campaigns.  BGH campaigns are generating exceedingly higher bounties.  One such case was brought up by the report: 

“As BGH ransomware campaigns have become more common, the value of ransom demands has increased. Ransomware researchers estimate that the average ransom demand increased by 33% since Q4 2019 to approximately $148,700 CAD in Q1 2020 due to the impact of targeted ransomware operations At the more extreme end of the spectrum are multi-million dollar ransom events, which have become increasingly common. In October 2019, a Canadian insurance company paid $1.3 million CAD to recover 20 servers and 1,000 workstations.” 

Fifth Finding –  There is a blurring of lines between ransomware campaigns and state sponsored campaigns (including ICS targets) because of the mutually beneficial outcomes. 

“In addition, we assess that it is likely that state-sponsored cyber threat actors will use ransomware to obfuscate the origins or intentions of their cyber operations. It is almost certain that the intelligence services of multiple countries maintain associations with cybercriminals that engage in ransomware schemes. In these mutually beneficial relationships, cybercriminals share stolen data with intelligence services while the intelligence service allows the cybercriminals to operate free from law enforcement.”

Sixth Finding –  These targeted ransomware campaigns against large enterprises and critical infrastructure providers are going to increase over the next two years – and those who refuse to pay are risking the severe consequences. 

“We expect that ransomware directed against Canada in the next two years will almost certainly continue to target large enterprises and critical infrastructure providers. Furthermore, many Canadian victims will likely continue to give in to ransom demands due to the severe economic and potentially destructive consequences of refusing payment. Since late 2019, multiple Canadian businesses and provincial governments have had their data publicly leaked by ransomware operators for refusing payment, including a construction company and a consortium of Canadian agricultural companies.”

Final Finding – There are multiple statements about Canadian enterprises being targeted if they have foreign operations.  These foreign operations will often also be weak security links offering entry into the networks of the main operations in Canada. 

“Many organizations rely on a complex and often globally distributed supply chain for many aspects of their operations, including precursor manufacturing, IT infrastructure and support, and financial services. Cyber threat actors target the networks of trusted vendors and then leverage the vendors to access the networks of their true targets.”

In Summary, as the report alludes, the unfortunate reality is that the threats will continue to grow as more and more critical infrastructure networks and operational technology networks improve their technology use and go online.  In the past, Operational Technology (OT) that has been used to control a variety of critical infrastructure and systems was fairly immune to cyber attacks as they utilized older IT and were air-gapped from the internet.  However, with newer technology being introduced that lowers operation costs and makes things more efficient and easy to use, the number of attack vectors are increasing dramatically.  Now, with upgraded technology that utilizes the internet to access and control systems, they become increasingly more favoured targets by these state-sponsored hackers.

And critical infrastructure will not be the only targets going forward.  As more and more IoT devices connect to the internet (such as those used in the growing number of “smart cities” as well as in other areas such as healthcare, with personal medical devices), the risks will continue to grow.  We’ve written about potential healthcare vulnerabilities in the past that could result in life or death situations.  These are all interconnected and inter-related to the explosion in the number of IoT devices being used and the growing threat that they bring to the systems that use them.

What should you do?

First, your organization should review its current solutions in place to see whether they are able to detect and block any and all malware in real-time. By ensuring that malware is unable to breach the network is the first step in avoiding prolonged and focused attacks by hackers.

Next, your organization should look at information sessions for employees to make them aware of various types of attacks and what they may look like. Unfortunately, the human element is one of the weakest links in the security wall and a simple phishing email to an unsuspecting employee can sometimes be the hole that hackers need to get into the network.

Review how well fortified your ICS devices are and what protections they are afforded by your current solution. If there are holes here, they need to be closed by a solution that is aware of the vulnerabilities and that can scan for them and block them.

Have a look at the game plan that your organization has concerning how it deals with Ransomware attacks. Although the best way handle these is to prevent them from occurring in the first place with a real-time threat prevention solution, look at whether you have adequate back-up systems in place as well as see how quickly your IT security team can get your systems up and running again from these back-ups.

Finally, if you have subsidiaries overseas, do an assessment on how they communicate back to your HQ network and servers and see how well this communication channel is secured. As we’ve seen during the current pandemic, VPN connections are not as secure as people think they are. These channels need to be fully secured by a solution that can scan the VPN communications for any malware that may have found their way onto the endpoint devices.

This brings us to how some of these critical vulnerabilities can be fixed.  From our perspective, many of these attack vectors can quickly and easily be closed with the right solution.   Wedge has been at the forefront of the Real-time Threat Prevention revolution, developing an orchestrated network security platform that combines Deep Content Inspection visibility with AI / Machine learning, along with patented high performance data processing technologies that enables the real-time detection and blocking of all malware (known, unknown and targeted).  By incorporating AI and automated and continuous machine learning in the fight against bad actors, many of whom have already started using AI to create new malware, Wedge is looking to turn the tide against these attacks.  

Wedge has also recently started offering WedgeARP for enterprises that have a portion of its employees working from home with Wedge Secure Home Office and has also started providing Wedge Secure Remote Office, a uCPE and vCPE based WedgeARP offering for those organizations with offices overseas. The key here is being able to detect malware in real-time and block it before it has a chance to gain access to these critical infrastructure networks. This goes a long way to helping prevent targeted and co-ordinated attacks; hopefully also preventing hackers from collecting information they need to put themselves in advantageous and intimidating positions in the future.

While the CSE’s briefing was not meant to scare people into taking an extreme approach by “going off the grid by building a cabin in the woods”, it is a good reminder that it is time for many of these critical industries to take a more pro-active approach to how they are defending themselves against highly motivated state-sponsored hackers.  

Coming back to the CSE’s warnings, we feel that the time is now for many of these vulnerable organizations to take a closer look at their cyber defences and see how Wedge Absolute Real-time Protection can help stave off these future attacks.  To find our more about WedgeARP and Real-time Threat Prevention, contact our team at: info@wedgenetworks.com.  The solutions are available.  They just need to be put in place.

Posted in Industry News, Latest Security News | Tagged , , , , , , , , | Leave a comment

Companies in Belgium Paying EUR100MM Per Year As A Result of Ransomware (Growing 29%!) : Wedge Absolute Real-time Protection Can Help Stop This!

No Gravatar

According to the Brussels Times, a report by the Belgian parliamentary economy committee notes that Belgian companies are paying an estimated EUR100 MM per year to criminal hackers.  As claimed by a series of experts that were interviewed by the committee, almost one third of companies have experienced ransomware.  Unfortunately, fearing a loss of face or reputation for the company, many do not report the matter to the police.

Many of these cases also go unreported as a result of the accessibility to ransomware insurance, which reimburses companies for some of their losses; also making it less likely that they will report the cybercrime.  Unfortunately, the problem in Belgium typically concerns small and medium-sized businesses which often suffer major financial damage if they are unable to get back access to their data.  Thus, many of these companies often have no choice but to pay.  The current figures for the region show that the number of cases of ransomware in 2019 rose by 29% from the previous year and unfortunately, the cases are trending steeply upwards.  

As we have seen elsewhere around the world, ransomware has become a big business with hardly any skill needed as hardware and software used to perpetrate this type of cybercrime is easily obtainable from hackers that offer “Ransomware-as-a-Service” to whomever is willing to pay.  As a result, it is expected that cyber-fraud will continue to increase exponentially; that is, unless businesses start looking at more innovative approaches such as Real-time Threat Prevention.

“The perpetrators don’t even have to be skilled in computer science,” said Antwerp prosecutor Robrecht De Keersmaecker, chief coordinator of the Cybercrime Expertise Network.

Thankfully, Wedge’s Absolute Real-time Protection utilizes AI that doesn’t require the user to be an expert either; it can detect new and variations of ransomware automatically with its built in highly trained neural network.

The big downfall for most organizations who are using typical network security solutions is that they are often based on the old notion of “Detect and Remediate”; that basically detects the malware AFTER it has already infiltrated the network and then tries to eradicate it.  By this time, in the case of ransomware, the cyber criminals have already accessed the network and has locked up key files which they can then obtain ransom for.  This does not have to be the situation if companies start employing a Detect and Block, or Real-time Threat Prevention approach to their cyber security.

This is where Wedge Networks comes in.  Wedge has developed the Wedge Absolute Real-time Protection (WedgeARP) orchestrated security platform that incorporates Deep Content Inspection along with AI and Machine Learning to be able to “SEE” content flowing through the network and to understand the intent of the data. This enables the solution to detect even new, never-before-seen malware, such as the ransomware variants that are being created every day.  With patented high speed network data processing, WedgeARP can detect and then block all malware in real-time; stopping them BEFORE they can even access the network to do any harm. 

To learn more about WedgeARP and how it can help prevent your organization from becoming another ransomware statistic, contact our team at: info@wedgenetworks.com.  We offer a FREE 90 day trial to any and all organizations who are feel that they would prefer to prevent a ransomware attack than have to deal with paying out to cyber criminals.

Posted in Industry News, Latest Security News | Tagged , , , , , | Leave a comment

Is Ineffective Technology The Real Reason Why Cybersecurity Is Failing? We Disagree…

No Gravatar


HelpNetSecurity.com
 posted a rather provocative article recently that postulated that the reason why cybersecurity was failing is due to ineffective technology.  Although we can see how many might consider this to be an accurate representation of the cybersecurity industry right now, we at Wedge would have to disagree on whether this is a completely accurate picture.  Although there might be a lot of heavily marketed but ineffective technologies on the market right now, there are also several innovative companies whose technologies will potentially disrupt the industry and fix some of the failings that are evident out there.

The article and underlying report by DebateSecurity.com does touch on a few key ideas as to why the industry finds itself in this interesting case of misperception; such as efficacy issues (with many solutions not really performing as they are advertised), which leads to trust issues by CISO’s who buy a solution and then “cross their fingers and hope that the technology works”.  The other key idea being that it is also an economics problem, with an “asymmetry between the parties that prevents buyers from effectively evaluating technology” and that it “incentivizes vendors to bring sub-optimal solutions to the market”.  Apart from governments, very few buyers in the market have the ability to use detailed and independent cybersecurity efficacy assessments as part of their procurement process.  For the most part it is because it takes time and resources to conduct assessments on several solutions to find the best one for the organization’s use case.  As such, they often end up going with the solutions with the most advertised features or on the ones that have the best marketing, instead of putting the priority on the actual efficacy of the solution itself.  Basically, buyers end up typically looking for the least expensive solution that can do the “most” for them. Because of the conflicting goals between the buyer and the seller, the “sub-optimal” solutions often end up being sold based on price or “advertised features”.

When it comes down to it, the unfortunate result of the long-standing disconnect between buyers and sellers in the cybersecurity space has resulted in the acceptance of ineffective technology as being “normal”.  Companies / buyers will often only be able to perhaps try only a couple of solutions and then end up basically taking a risk on one of them; “hoping” that it actually works for their organization.
 
So, what are some of the suggestions that the article and the report make for solving this issue?  There are four characteristics that have been broadly agreed upon as requirements for comprehensively defining cybersecurity technology efficacy.  These are that the solution:

1. Must have the capability to deliver the stated security mission (fit-for-purpose)
2. Must have the practicality that enterprises need to implement, integrate, operate and maintain it (fit-for0use)
3. Must have the quality in design and build to avoid vulnerabilities and negative impacts
4. Must have its origins from a vendor company, its people and supply chain, such that no additional security risks are introduced.

The thought is that in order for changes to start happening to the cybersecurity industry, coordinated action between all stakeholders (buyers and sellers) would have to occur and that it might only be achieved through regulation.  Several respondents to the DebateSecurity report stated that a transparent assessment of technology could help to solve what is essentially a breakdown in the market, and that setting standards on technology assessments, instead of the technology itself could help to prevent stifling innovation that might occur otherwise.

When it is all said and done, the big challenge for cybersecurity professionals is trying to select effective technologies for their organizations.  Unfortunately, the pressure is on them to choose the right technologies with limited assessment resources, especially when buying the wrong solution may see them looking for employment elsewhere.
So, why does Wedge disagree with the overall premise of HelpNetSecurity’s article?  Well, for one, we feel that we are one of those innovative companies whose technologies is seeking to disrupt the industry!  We have patented technologies that have proven their effectiveness time and time again and we are starting to win converts with our Real-time Threat Prevention approach to cybersecurity.  Unlike many of the larger solution providers who rely on the big marketing budgets to sell their products, Wedge has been quietly winning customers over with our innovative orchestrated threat management platform.  We base our solution on our patented high performance SubSonic Engine and Deep Content Inspection technology that enables us to go further than other solutions by reassembling packets into their MIME objects so that we can “see” the intent of the content.  Over the years, with our Open Service Bus, we have been able to take the best-of-breed security services on the market and run them on our high performance platform to offer the best of the best that is available.  More recently, we have also incorporated automated and continuously learning AI / Machine Learning neural  networks to help in the ongoing cybersecurity battle.  This allows our Wedge Absolute Real-time Protection platform to now be able to even recognize zero-days and never-before-seen malware, blocking it in real-time!  And, as new technologies are developed, we’ll continue to add them to our platform…

When it comes down to it, Wedge has always focused on creating highly effective cybersecurity technologies, right from the start.  We have been and continue to be a company focused on innovation.  That is why we feel that by painting the whole industry with the same brush and stating that it is failing because of ineffective technology does companies like ours, who are bringing innovative and effective solutions to the industry, a big disservice.  Hopefully, the companies out there who are peddling ineffective solutions will soon be displaced by innovative solutions like ours.  To find out more about some highly effective technology in the Cybersecurity industry, feel free to contact our team at: info@wedgenetworks.com.

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , , , , , , | Leave a comment

Another Municipality Hit By a Cyber Attack / Cyber Fraud: Why Not Prevent These Occurrences Using WedgeARP – Real-time Threat Prevention?

No Gravatar

Here’s an interesting case of a municipality that has lost money, not due to ransomware this time (unlike the other blogs that we’ve done such as: thisthis and this) , but due to cyber fraud.  Portageonline.com reported that the Municipality of Westlake-Gladstone, in Manitoba, “was the target of a malicious cyber security breach, in which a significant amount of money was electronically stolen from the Municipality’s operating bank account.”  What makes this different from the typical attack is that instead of using a ransomware angle, the hackers infiltrated the Municipality’s network, were able to access confidential banking account information, and made off with approximately $447,000.00 via a number of electronic withdrawals in amounts of $9,950.00.
 
This occurred even though the municipality had a secure server and their network was being monitored by an IT security management company.  That IT management company continues to state that they have been “unable to detect any suspicious activity on the administrative office server and network and are confident that the server and networks in our office are secure.” So, a cyber-attack has occurred that resulted in the loss of almost half a million dollars and the IT management company still hasn’t found out how it happened?  There seems to be something wrong with this picture and something lacking in the municipality’s current security set-up and/or security management company.

Granted, lately, we’ve been so focused on ransomware attacks that have hit municipalities and government departments, that we forget that there are other cyber attacks that are still being perpetrated, with the results still being the loss of money.  With the main moneymakers continuing to be very targeted ransomware, a lot of government IT departments may neglect to consider other zero-days and never-before-seen malware that can also lead to monetary loss in other ways.

That’s why at Wedge, we continue to press for organizations to consider looking at solutions such as our Wedge Absolute Real-time Protection (WedgeARP) that integrates AI/Machine Learning neural networks into our orchestrated real-time deep content inspection platform.  Along with our high performance engine, the AI/ML deep learning aspect of our solution enables us to detect not only the ransomware attacks that are so widespread and rampant, but also any other never-before-seen attacks that could lead to the security breach as described above.  

If a hacker has been able to gain access into your secure network, who knows what sort of damage can be done or what confidential information could be exfiltrated to allow unauthorized access into other secure systems, such as the banking network, in this case.  Stay one step ahead by integrating solutions such as WedgeARP that take a pro-active approach to network security and that can PREVENT hackers from gaining access to secure servers and networks BEFORE they can do any harm.  For more information on how your organization can secure itself against cyber attacks such as these, contact our team at: info@wedgenetworks.com.

Posted in Industry News, Latest Security News | Tagged , , , , , , , , | Leave a comment

Paying Ransomware Can Now Get You Sanctioned By the US Department of the Treasury: Here’s How Wedge Can Help!

No Gravatar

A big ransomware game changer came down the pipe on October 1st, from the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC)  as they issued a Ransomware Advisory alerting companies of potential sanctions risks for facilitating ransomware payments.  This has the huge potential of taking away many companies’ “solution of last resort” when it comes to dealing with a ransomware attack on their organizational network infrastructure and proprietary data.  Granted, in theory, stopping the ability for companies to pay malicious cyber actors who carry out ransomware attacks, SHOULD have the effect of reducing the monetary allure for carrying out the attacks.  However, by taking away the ability to pay ransom, in the short term at least, this will definitely affect a lot of businesses; many of whom could be forced to cease operations should access to their systems and data be unrecoverable through means other than paying the ransom.

According to the Ransomware Advisory, “OFAC has imposed, and will continue to impose, sanctions on these actors and others who materially assist, sponsor, or provide financial material, or technological support for these activities.”  What this new advisory brings to the forefront is that now, facilitating ransomware payments on behalf of a victim may also violate OFAC regulations and be subject to sanctions.  The OFAC has designated a list of malicious cyber actors under its cyber-related sanctions program and other sanctions programs, including perpetrators of ransomware attacks and those who facilitate ransomware transactions, with whom sanctions would apply to ANY organizations who deal with them.  Many of those on the list are well-known cybercriminal organizations who have been responsible for the majority of ransomware attacks.  These include: Cryptolocker developer Evgeniy Mikhailovich Bogachev, WannaCry developer Lazarus Group, Russia-based Evil Corp (responsible for the Dridex malware and others), just to name a few.

As we alluded to a little while back, large organizations are becoming favourite targets of ransomware attacks.  For one, they often have deep pockets and enough resources to actually pay the ransom in order to get their systems and data back.  They are also the organizations that often have the most to lose if their systems go down.  A case in point is the recent attack on Garmin, which had a massive effect on global positioning services.  Although Garmin was able to get their systems and services back online in somewhat short order, there is speculation that they actually caved in and paid the ransom demanded in order to facilitate this.  There is also speculation that they may face sanctions as a result of doing so!!

So, with this recent advisory, hopefully things may turn things around in the war against ransomware.  Unfortunately, the victims of the attacks are going to be greatly affected as paying a ransom is no longer on the table.  By paying the ransom, they face potential sanctions from the OFAC; basically a triple whammy of you’re “damned if you do and damned if you don’t” because if you don’t, you lose your systems and data but if you do, you pay the ransom AND also now a fine.

In the meantime, the best defence against ransomware has always been prevention, not the current approach of detect and remediate, where you have a patient zero who could be the catalyst for a ransomware attack. Refer back to our blog here.  Wedge’s Absolute Real-time Protection (WedgeARP) platform has been proven to be one of the most highly effective solutions against ransomware by offering real-time threat prevention.  By detecting and BLOCKING ransomware attacks BEFORE they have a chance to access a network and do harm, organizations are spared the costly remediation efforts, and now, potential sanctions when dealing with a successful attack.  By utilizing patented Deep Content Inspection techniques, along with orchestrated threat management with multiple layers of protection – INCLUDING AI deep learning / machine learning based threat detection – WedgeARP can SEE the intent of content and is able to detect and block ALL malware (known, customized and never-before-seen), all in real-time.  If your organization is concerned about the effects a ransomware attack could have on its systems and operations as well as the financial impact and potential government sanctions it could face, maybe it’s time to think about adding real-time threat prevention as part of its arsenal.  Contact our team at: info@wedgenetworks.com to learn more.

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , , , | Leave a comment

Edgecore Networks Partners With Wedge Networks to Integrate Wedge’s Absolute Real-time Platform into Joint Product and Solutions Offerings

No Gravatar

24 September 2020 – HSINCHU, Taiwan and CALGARY, Canada: Edgecore Networks Corporation (Edgecore), the leader in open networking, delivering wired and wireless networking products and solutions to data centers, service providers, enterprises and SMB customers worldwide, has formally entered into a technology and distribution partnership with Wedge Networks.  Through this partnership, Edgecore will integrate Wedge’s Absolute Real-time Protection™ (WedgeARP™) platform software into a selection of its hardware devices such as Access Points, CPEs, Edge Devices, Network Devices, etc., for its global client base. 

WedgeARP™ provides network-based, real-time threat protection for all types of endpoints in a wide range of networks (mobile data, 5G, SD-WAN, SASE, and smart-city/IIoT). With an embedded deep learning AI engine and patented real-time deep content inspection technology, WedgeARP™ can detect never-before-seen malware in milliseconds. Running on an orchestrated threat management platform, it is an effective and autonomous approach to enable large-scale real-time threat prevention.

Within a global ecosystem of commercial partners and open-source communities, Edgecore Networks delivers networking solutions based on open hardware and software platforms that increase choice, freedom, greater control, encourage and quicken innovation, lower TCO, and stimulate new business models.  Through this agreement, Edgecore expands its product offerings with the addition of Wedge Networks’ software technology, creating an excellent opportunity for providing real-time threat protection to its clients around the world

TT Hsu, Vice-President at Edgecore Networks stated, “We have been working very well with Wedge Networks on our technology integrations and are pleased to formalize our strategic alliance as it will allow Edgecore to enhance our cybersecurity offerings with real-time threat prevention to our growing client base. Edgecore has a strong focus on providing complete solutions that generate value for our customers and to assist with realizing the potential for our digital-network society.  This partnership with Wedge Networks, and the joint products the alliance will bring, is expected to keep us ahead of the technological curve for network security going forward.”

“Edgecore is a key technology partner for Wedge and shares our vision of real-time threat prevention for the cloud connected world,” commented Dr. Hongwen Zhang, Wedge Networks, CEO & CTO. “The joint solution will benefit customers and partners to secure their digital transformation in the rapidly emerging SASE architecture.”

Edgecore Networks is authorized as a Strategic Technology Partner to promote the joint technology solutions around the world.

About Edgecore Networks 

Edgecore Networks Corporation is a wholly owned subsidiary of Accton Technology Corporation, the leading network ODM.  Edgecore Networks delivers wired and wireless networking products and solutions through channel partners and system integrators worldwide for the Data Center, Service Provider, Enterprise and SMB customers.  Edgecore Networks is the leader in open networking providing a full line of open Wi-Fi access points, packet transponders, virtual PON OLTs, cell site gateways, and 1G, 10G, 25G, 40G, 100G and 400G OCP-Accepted™ switches that offer choice of commercial and open source NOS and SDN software. For more information, visit: www.edge-core.com.

About Wedge Networks

Wedge Networks Inc. is a Real-Time Threat Prevention solutions company. Its innovative technology platform, Wedge Absolute Real-time Protection (WedgeARP™), is a software defined orchestrated network security system. Deployed, via the cloud, on premises, or in a virtualized environment, in data centers by enterprises, governments, and managed security service providers, WedgeARP™ inspects, detects, and blocks in real-time, malware and cyber threats (known, unknown and customized). Wedge does this through its patented Deep Content Inspection (DCI) technologies, combined with artificial intelligence and best-of-breed security functions.

Awarded a Gartner Cool Vendor designation, and twice bestowed with Build-In-Canada Innovation awards, Wedge Networks is headquartered in Calgary, Canada with international teams in the North America, Asia Pacific, and the Middle East and North Africa regions.

For more information on Wedge Networks, visit: https://www.wedgenetworks.com/.

—————————————-

For media enquiries, please contact:

PR@wedgenetworks.com

This release contains forward-looking statements, which are based on current expectations, estimates, and projections about the Corporation’s business and prospects, as well as management’s beliefs, and certain assumptions made by management. Words such as “anticipates,” “expects,” “intends,” “plans,” “believes,” “seeks,” “estimates,” “may,” “should,” “will” and variations of these words are intended to identify forward-looking statements. Such statements speak only as of the date hereof and are subject to change. The Corporation undertakes no obligation to publicly revise or update any forward-looking statements for any reason, except as required under applicable securities laws. Readers are cautioned that any such forward-looking statements are not guarantees of future business activities and involve risks and uncertainties, and that the Corporation’s future business activities may differ materially from those in the forward-looking statements as a result of various factors , including, but not limited to, [NTD: expansion and business strategies, anticipated growth opportunities, the impact of the COVID-19 pandemic, general economic, market or business conditions, the amount of fundraising necessary to perform on its business objectives,  operational risks, the ability of the Corporation to raise necessary funds for its business objectives, and the outcome of commercial negotiations.] Such statements are not guarantees of future performance and are subject to certain risks, uncertainties, and assumptions that are difficult to predict. Accordingly, actual results could differ materially and adversely from those expressed in any forward-looking statements as a result of various factors. There can be no assurances that such information will prove accurate and, therefore, readers are advised to rely on their own evaluation of such uncertainties.

Ce communiqué de presse contient des déclarations prospectives fondées sur les attentes, estimations et projections actuelles concernant les activités et les perspectives de la compagnie, ainsi que sur les convictions de la direction et certaines hypothèses formulées par la direction. Des mots tels que “anticipe”, “s’attend”, “a l’intention”, “des plans”, “croit”, “cherche”, “estime”, “peut”, “devrait”, “aller faire” et les variantes de ces mots visent à identifier les déclarations prospectives. Ces déclarations ne sont valables qu’à la date du présente document et sont sujettes à modification. La compagnie n’assume aucune obligation de réviser ou de mettre à jour publiquement les énoncés prospectifs pour quelque raison que ce soit, sauf si c’est requis par les lois sur les valeurs mobilières applicables. Les lecteurs sont avertis que ces déclarations prospectives ne sont pas des garanties d’activités commerciales futures et impliquent des risques et des incertitudes et que les activités commerciales futures de la compagnie peuvent différer des déclarations prospectives en raison de divers facteurs, y compris, mais pas limiter à, [NTD: l’expansion et stratégies commerciales, des possibilités de croissance anticipées, l’impact de la pandémie COVID-19, l’économique général, les conditions du marché ou des affaires, le montant de la collecte de fonds nécessaires pour atteindre ses objectifs commerciaux,  les risques opérationnels, la capacité de la compagnie à lever les fonds nécessaires pour ses objectifs commerciaux, et le résultat des négociations commerciales.] De telles déclarations ne sont pas des garanties de performances futures et sont soumises à certains risques, incertitudes, et des hypothèses difficiles à prévoir. Par conséquent, les résultats réels pourraient différer de manière significative et défavorable de ceux exprimés dans les déclarations prospectives en raison de divers facteurs. Rien ne garantit que ces informations s’avéreront exactes et, donc, les lecteurs sont invités à se fier à leur propre évaluation de ces incertitudes.

Posted in Industry News, Latest Security News, Wedge Channel Partner Forum, Wedge News | Tagged , , , , , | Leave a comment

AI Automating Cybersecurity in Post-COVID World: Wedge can get you straight to Level 5…

No Gravatar

A great article in Venturebeat was recently published that brought up the marked acceleration of using AI in the realm of cybersecurity.  Unfortunately, cybercriminals are ahead of the curve in this regard and are evolving much more quickly in order to take advantage of the situation.  Cybercriminals have already started looking at artificial intelligence to help increase the breadth and depth of their attacks.  They have already begun utilizing AI to allow for faster cracking of passwords and to even automate their attack infrastructure.  With cybercriminals utilizing AI to their benefit, the question becomes, “What about the other side?  How can the Good Guys Utilize AI to defend against these attacks?”  

Venturebeat provided a nice little chart on the Levels of Cybersecurity Automation, which outlined the following:

Level 1 – Manual Detection & Manual Response – Events are detected by Security Operations Center (SOC) and fraud teams; manual mitigation of individual events.

Level 2 – Manual Detection & Semi-Automated Response – Responses are sufficiently well-understood that automation through rules and scripts is used in response and mitigation.

Level 3 – Semi-Automated Detection & Semi-Automated Response – Event detection facilitated by automated analytics; typically where machine learning (ML) is introduced.

Level 4 – Automated Detection & Semi-Automated Response – Event detection is fully automated through ML and other analytics, driving SOC & fraud workflows, investigations, and rule generation.

Level 5 – Fully Automated Detection and Fully Automated Response – Detection and response systems are fully automated for all events; manual effort is primarily focused on improving the automated system as opposed to dealing with individual events.   And this is where Wedge Networks can take you!

Unfortunately, most organizations are at Level 1, with some more sophisticated organizations in the Level 3 and 4 range. In order to adequately defend against the cybercriminals in the long term, organizations are going to have to be at Level 5, where AI can help to overcome the Security Gap; which is the gap in which the finite network security resources are quickly overrun by the exponentially expanding security threats.  Without Level 5, resources will continually be spent trying to deal with individual events, instead of focused on improving the security as a whole.. As the cybersecurity industry continues to further integrate AI and machine learning into solutions, it is boiling down to more of an analytics and automation problem; one that can often be plagued with both false positive and false negative issues that need to be worked out.  More false positives and customers are unhappy, more false negatives and successful attacks increase, and customers are again unhappy.

So, with all of the above, where is YOUR organization at in terms of AI integration?  Does your cybersecurity solution utilize AI and machine learning?  If not, why not?  If they do, to what level is it integrated?  

The great things is that Wedge saw the writing on the wall several years ago and did something about it.  We’ve actually been integrating Ai and machine learning into our Wedge Absolute Real-time Protection (WedgeARP) platform for several years now and with great success!  We have been orchestrating AI at the network level with our Wedge Advanced Malware Blocker, which revolutionized malware PREVENTION.  WedgeAMB orchestrates AI technology and other technologies to detect and block both known and unknown (never-before-seen) malware, preventing them from entering the network and stopping attacks before they can start.  Combined with WedgeIQ and the actionable threat analytics that it provides, Wedge has been at the forefront of AI utilization in the cyber security realm.  

And, we’ve not stopped improving!  Wedge has further devised Wedge Nucleation, which is an automated continuous deep learning process for real-time threat prevention.  This process uses automation for continuously training artificial neural networks (ANN) from filtered and labeled network data.  With each iteration, the ANN further improves its accuracy of filtering and labeling network data, adding to the ever-evolving intelligence.  This intelligence further reduces both false positives and false negatives, leading to much more accurate results.  To learn more about how Wedge has been utilizing AI in its real-time threat prevention platform, contact our team at: info@wedgenetworks.com.  It’s time that organizations jump ahead of the cybercriminals and protect themselves against the new generation of AI-based attacks.  Wedge Networks can enable your organization to do just that!

Posted in Industry News, Latest Security News | Tagged , , , , , , | Leave a comment

RHEA Inc. Enters into Strategic Alliance With Wedge Networks

No Gravatar

Leading cybersecurity and engineering solutions company, RHEA Group to offer Wedge Networks Absolute Real-time Protection platform – WedgeARP™ in Canada and across Europe and South America

10 September 2020 – CALGARY, Canada: RHEA Inc., headquartered in Montreal, Canada, offers bespoke engineering solutions, system development and security services, announced today that it has been appointed as an authorized Elite partner for Wedge Networks in the Canadian, European and South American markets. Through this strategic alliance / partnership, RHEA Inc. will be able to deliver the Wedge Absolute Real-time Protection™ (WedgeARP™) platform to its global customers who are actively looking for real-time protection from advanced persistent threats and never-before-seen malware.

WedgeARP™ provides network-based, real-time threat protection for all types of endpoints in a wide range of networks (mobile data, 5G, SD-WAN, SASE, and smart-city/IIoT). With an embedded deep learning AI engine and patented real-time deep content inspection technology, WedgeARP™ can detect never-before-seen malware in milliseconds. Running on an orchestrated threat management platform, it is an effective and autonomous approach to enable large-scale real-time threat prevention.

Through this agreement, RHEA Inc. expands its portfolio of cybersecurity solutions and the addition of Wedge Networks creates an excellent opportunity for providing real-time threat protection to its clients around the world.

Yves Metten, Executive Vice-President at RHEA Inc. said, “We are excited to enter into this strategic alliance with Wedge Networks as it will allow RHEA to enhance its real-time cybersecurity protection offer to its client base worldwide.”

“We will be offering the WedgeARP™ platform throughout the markets that we touch, and, with our in-house cybersecurity team, we will execute both sales and technical support to ensure the best solution integration and overall customer experience throughout Canada, Europe and South America,” said Metten.

RHEA Group is a niche and highly specialized international engineering company that provides services to the most respected institutional organizations and firms in aerospace, security, and defence around the world. Over the past three decades, the organization has contributed to history by working on many profound and ground-breaking projects. RHEA’s Concurrent Design methodology and information technology solutions have enhanced the design process of complex systems and products worldwide.

“RHEA Group is an important organization for Wedge Networks to partner in our mission to secure the cloud-connected world,” stated Dr. Hongwen Zhang, Wedge Networks, CEO & CTO. “Its dealings with some of the most mission critical applications for many prestigious organizations across the globe will place the WedgeARP™ platform into areas where real-time cybersecurity is of the highest priority.”

RHEA Group is authorized as an Elite Partner to distribute, market, and promote the Wedge Networks solutions in Canada, as well as across Europe and South America.E

About RHEA Group 

RHEA Group provides bespoke engineering solutions, systems development and cybersecurity services for space, military, government, and other critical infrastructure organizations. Their security teams are led by specialists with decades of experience and customers receive ongoing support from their highly skilled experts. As a trusted organization, RHEA has been providing cybersecurity services to government departments and organizations on two continents for decades. 

Headquartered in Montreal for its North American operations and in Belgium for its European operations, RHEA employs in excess of 550 people and has offices in Canada, Belgium, UK, Czech Republic, Italy, France, Luxembourg, Germany, Spain, Switzerland and the Netherlands. RHEA is ISO 9001 and ISO 27001 certified. For more information, visit: https://www.rheagroup.com.

About Wedge Networks

Wedge Networks Inc. is a Real-Time Threat Prevention solutions company. Its innovative technology platform, Wedge Absolute Real-time Protection (WedgeARP™), is a software defined orchestrated network security system. Deployed, via the cloud, on premises, or in a virtualized environment, in data centers by enterprises, governments, and managed security service providers, WedgeARP™ inspects, detects, and blocks in real-time, malware and cyber threats (known, unknown and customized). Wedge does this through its patented Deep Content Inspection (DCI) technologies, combined with artificial intelligence and best-of-breed security functions.

Awarded a Gartner Cool Vendor designation, and twice bestowed with Build-In-Canada Innovation awards, Wedge Networks is headquartered in Calgary, Canada with international teams in the North America, Asia Pacific, and the Middle East and North Africa regions.

For more information on Wedge Networks, visit: https://www.wedgenetworks.com/

—————————————-

For media enquiries, please contact:

PR@wedgenetworks.com

mcc@rheagroup.com

Posted in Industry News, Latest Security News, Wedge Channel Partner Forum, Wedge News | Tagged , , , | Leave a comment

Popular Anti-Malware Products Are Failing to Recognize Notable Threats: Time to Replace Out With WedgeARP!!

No Gravatar

A brief but interesting article happened across my desk that made me pause and ponder the state of the popular and established cybersecurity solutions currently on the market.  Namely, the article from ITProPortal.com  that declared that “Half of anti-malware products fail to recognize notable threats”.  According to new analysis from SE Labs, many of the most popular and well-established solutions currently on the market do not protect their users from all notable threats.  In recent testing, the security firm put 14 of the world’s most popular cybersecurity solutions to task, with more than half of these products failing to identify all the threats sent their way.   The only notable exceptions to this shortcoming were products from Microsoft and Kaspersky Labs; both of which scored 100 percent on the tests.

What was interesting is that SE Labs pointed out that “Although we do ‘create’ threats by using publicly available free hacking tools, we don’t write unique malware so there is no technical reason why any vendor being tested should do poorly.”  In its testing, the firm used common threats that affect the general public as well as more targeted forms of attacks.  To us here at Wedge Networks, this is somewhat of a shocking revelation as we feel that if a virus is known and has a signature, it should be easily detected and blocked.

Now, with their failings in recognizing notable threats, one can only imagine how badly these products would fare with the new and never-before-seen malware that are being used by hackers and bad actors today!  If your firm is currently using some of the more popular cybersecurity solutions, you may want to do some research on whether your solution was one of the products that SE Labs tested.  If it is, you may want to consider replacing it out with Wedge Absolute Real-time Protection (WedgeARP).  WedgeARP uses patented deep content inspection and orchestrates multiple layers of security protection, including conventional and heuristics-based AV technologies (utilizing their full databases, unlike many solutions who are only able to use portions of the databases!).  This is just to catch the already known malware!  On top of that, it further enhances these AV technologies with deep machine learning / AI AV that can detect and block all of the unknown and never-before-seen malware and other variants.  WedgeARP does this all in milliseconds; enabling real-time threat prevention of all known and unknown malware threats.  If more than half of the more established cybersecurity solutions are failing on the simple task of detecting known threats, perhaps they are now past their prime.  To learn more about WedgeARP and how it can provide real-time threat prevention of both known and unknown malware, contact us at info@wedgenetworks.com.

Posted in Industry News, Latest Security News | Tagged , , , , , | Leave a comment

Wine and Spirits is Not Immune To Ransomware: Real-time Threat Prevention is Key to Securing Confidential Information

No Gravatar

It’s turning out that Wine and Spirits will be potentially drowning their sorrows in drink as U.S. alcoholic beverages giant Brown-Forman was hit by a cyber attack recently.  In this attack, attributed to the Sodinokibi (REvil) ransomware operators, the attackers were found to have been able to exfiltrate over 1TB of confidential data; with plans to sell the most important information to the highest bidder and then release the rest to the public. Although the company was able to prevent their systems and data from being encrypted, as per a Brown-Forman spokesperson stating that, “Brown-Forman was the victim of a cybersecurity attack. Our quick actions upon discovering the attack prevented our systems from being encrypted”, the kicker here is that the REvil group announced that they had been able to spend more than a month in Brown-Forman’s network examining the company’s user services, cloud data storage, and general structure, with proof provided in screenshots of database backup entries as recent as July 2020.

The attackers claim that the huge trove of data that they stole contained confidential information about employees, company agreements, contracts, financial statements and more, with documents dating back as far back as 2009.  As we’ve written in a previous blog, it is a common misconception by companies thinking that once the hackers have come in, taken data, and encrypted systems that they then leave so as not to get caught.  What is actually the case is that they can often still be lurking around the company’s network surreptitiously, continuing to monitor internal communications to ensure a more positive outcome to their demands.  This may have been such a case in Brown-Forman, with REvil lurking around in their network for an extended period, learning all about the company and its operations.

Although Brown-Forman was “lucky” in that their systems were not encrypted and that they could continue business operations, the fact is that hackers are holding onto a huge amount of data that can still be ransomed.  With no active negotiations taking place between the company and the hackers, it will be interesting to see how everything plays out in the end.  REvil continues to prompt the company for payment, saying that the group could force payment or get a higher price for the data in auction, since it contains a swath of information that could be useful to both investors as well as competition.  

This is yet another example of how the current “Detect and Remediate” approach to network security proves that it just does not work.  Companies continue to put themselves, their employees and their customers at huge risk by not looking at solutions that provide Real-time Threat Prevention.  Wedge Absolute Real-time Protection is such a solution.  Using patented deep content inspection, orchestrated threat management of multiple security services, and deep machine learning / AI, WedgeARP can detect known, unknown, zero-days and APTs and BLOCK them in real-time before they have a chance to infiltrate the network.  Prevention is the ONLY way to defend against ransomware attacks such as the one at Brown-Forman.  Contact our team at info@wedgenetworks.com to find out more.

Posted in Industry News, Latest Security News | Tagged , , , , , , , , | Leave a comment