Edgecore Networks Partners With Wedge Networks to Integrate Wedge’s Absolute Real-time Platform into Joint Product and Solutions Offerings

24 September 2020 – HSINCHU, Taiwan and CALGARY, Canada: Edgecore Networks Corporation (Edgecore), the leader in open networking, delivering wired and wireless networking products and solutions to data centers, service providers, enterprises and SMB customers worldwide, has formally entered into a technology and distribution partnership with Wedge Networks.  Through this partnership, Edgecore will integrate Wedge’s Absolute Real-time Protection™ (WedgeARP™) platform software into a selection of its hardware devices such as Access Points, CPEs, Edge Devices, Network Devices, etc., for its global client base. 

WedgeARP™ provides network-based, real-time threat protection for all types of endpoints in a wide range of networks (mobile data, 5G, SD-WAN, SASE, and smart-city/IIoT). With an embedded deep learning AI engine and patented real-time deep content inspection technology, WedgeARP™ can detect never-before-seen malware in milliseconds. Running on an orchestrated threat management platform, it is an effective and autonomous approach to enable large-scale real-time threat prevention.

Within a global ecosystem of commercial partners and open-source communities, Edgecore Networks delivers networking solutions based on open hardware and software platforms that increase choice, freedom, and control, encourage and quicken innovation, lower TCO, and stimulate new business models.  Through this agreement, Edgecore expands its product offerings with the addition of Wedge Networks’ software technology, creating an excellent opportunity for providing real-time threat protection to its clients around the world.

TT Hsu, Vice-President at Edgecore Networks stated, “We have been working very well with Wedge Networks on our technology integrations and are pleased to formalize our strategic alliance as it will allow Edgecore to enhance our cybersecurity offerings with real-time threat prevention to our growing client base. Edgecore has a strong focus on providing complete solutions that generate value for our customers and to assist with realizing the potential for our digital-network society.  This partnership with Wedge Networks, and the joint products the alliance will bring, is expected to keep us ahead of the technological curve for network security going forward.”

“Edgecore is a key technology partner for Wedge and shares our vision of real-time threat prevention for the cloud connected world,” commented Dr. Hongwen Zhang, Wedge Networks, CEO & CTO. “The joint solution will benefit customers and partners to secure their digital transformation in the rapidly emerging SASE architecture.”

Edgecore Networks is authorized as a Strategic Technology Partner to promote the joint technology solutions around the world.

About Edgecore Networks 

Edgecore Networks Corporation is a wholly owned subsidiary of Accton Technology Corporation, the leading network ODM.  Edgecore Networks delivers wired and wireless networking products and solutions through channel partners and system integrators worldwide for the Data Center, Service Provider, Enterprise and SMB customers.  Edgecore Networks is the leader in open networking providing a full line of open Wi-Fi access points, packet transponders, virtual PON OLTs, cell site gateways, and 1G, 10G, 25G, 40G, 100G and 400G OCP-Accepted™ switches that offer choice of commercial and open source NOS and SDN software. For more information, visit: www.edge-core.com.

About Wedge Networks

Wedge Networks Inc. is a Real-Time Threat Prevention solutions company. Its innovative technology platform, Wedge Absolute Real-time Protection (WedgeARP™), is a software defined orchestrated network security system. Deployed, via the cloud, on premises, or in a virtualized environment, in data centers by enterprises, governments, and managed security service providers, WedgeARP™ inspects, detects, and blocks in real-time, malware and cyber threats (known, unknown and customized). Wedge does this through its patented Deep Content Inspection (DCI) technologies, combined with artificial intelligence and best-of-breed security functions.

Awarded a Gartner Cool Vendor designation, and twice bestowed with Build-In-Canada Innovation awards, Wedge Networks is headquartered in Calgary, Canada with international teams in the North America, Asia Pacific, and the Middle East and North Africa regions.

For more information on Wedge Networks, visit: https://www.wedgenetworks.com/.

—————————————-

For media enquiries, please contact:

PR@wedgenetworks.com

This release contains forward-looking statements, which are based on current expectations, estimates, and projections about the Corporation’s business and prospects, as well as management’s beliefs, and certain assumptions made by management. Words such as “anticipates,” “expects,” “intends,” “plans,” “believes,” “seeks,” “estimates,” “may,” “should,” “will” and variations of these words are intended to identify forward-looking statements. Such statements speak only as of the date hereof and are subject to change. The Corporation undertakes no obligation to publicly revise or update any forward-looking statements for any reason, except as required under applicable securities laws. Readers are cautioned that any such forward-looking statements are not guarantees of future business activities and involve risks and uncertainties, and that the Corporation’s future business activities may differ materially from those in the forward-looking statements as a result of various factors, including, but not limited to, [NTD: expansion and business strategies, anticipated growth opportunities, the impact of the COVID-19 pandemic, general economic, market or business conditions, the amount of fundraising necessary to perform on its business objectives, operational risks, the ability of the Corporation to raise necessary funds for its business objectives, and the outcome of commercial negotiations.] Such statements are not guarantees of future performance and are subject to certain risks, uncertainties, and assumptions that are difficult to predict. Accordingly, actual results could differ materially and adversely from those expressed in any forward-looking statements as a result of various factors. There can be no assurances that such information will prove accurate and, therefore, readers are advised to rely on their own evaluation of such uncertainties.

This press release contains forward-looking statements based on current expectations, estimates and projections concerning the company’s business and prospects, as well as on management’s beliefs and certain assumptions made by management. Words such as “anticipates”, “expects”, “intends”, “plans”, “believes”, “seeks”, “estimates”, “may”, “should”, “will” and variations of these words are intended to identify forward-looking statements. These statements are valid only as of the date of this document and are subject to change. The company assumes no obligation to publicly revise or update forward-looking statements for any reason, except as required by applicable securities laws. Readers are cautioned that these forward-looking statements are not guarantees of future business activities and involve risks and uncertainties, and that the company’s future business activities may differ from the forward-looking statements as a result of various factors, including, but not limited to, [NTD: expansion and business strategies, anticipated growth opportunities, the impact of the COVID-19 pandemic, general economic, market or business conditions, the amount of fundraising necessary to achieve its business objectives, operational risks, the company’s ability to raise the funds necessary for its business objectives, and the outcome of commercial negotiations.] Such statements are not guarantees of future performance and are subject to certain risks, uncertainties and assumptions that are difficult to predict. Consequently, actual results could differ materially and adversely from those expressed in the forward-looking statements as a result of various factors. There is no guarantee that this information will prove accurate and, therefore, readers are invited to rely on their own evaluation of these uncertainties.

AI Automating Cybersecurity in Post-COVID World: Wedge can get you straight to Level 5…

A great article was recently published in VentureBeat about the marked acceleration in the use of AI in the realm of cybersecurity.  Unfortunately, cybercriminals are ahead of the curve in this regard and are evolving much more quickly in order to take advantage of the situation.  Cybercriminals have already started looking at artificial intelligence to help increase the breadth and depth of their attacks.  They have already begun utilizing AI to allow for faster cracking of passwords and to even automate their attack infrastructure.  With cybercriminals utilizing AI to their benefit, the question becomes, “What about the other side?  How can the good guys utilize AI to defend against these attacks?”

VentureBeat provided a nice little chart on the Levels of Cybersecurity Automation, which outlined the following:

Level 1 – Manual Detection & Manual Response – Events are detected by Security Operations Center (SOC) and fraud teams; manual mitigation of individual events.

Level 2 – Manual Detection & Semi-Automated Response – Responses are sufficiently well-understood that automation through rules and scripts is used in response and mitigation.

Level 3 – Semi-Automated Detection & Semi-Automated Response – Event detection facilitated by automated analytics; typically where machine learning (ML) is introduced.

Level 4 – Automated Detection & Semi-Automated Response – Event detection is fully automated through ML and other analytics, driving SOC & fraud workflows, investigations, and rule generation.

Level 5 – Fully Automated Detection and Fully Automated Response – Detection and response systems are fully automated for all events; manual effort is primarily focused on improving the automated system as opposed to dealing with individual events.   And this is where Wedge Networks can take you!

Unfortunately, most organizations are at Level 1, with some more sophisticated organizations in the Level 3 and 4 range. In order to adequately defend against the cybercriminals in the long term, organizations are going to have to be at Level 5, where AI can help to overcome the Security Gap: the gap in which finite network security resources are quickly overrun by exponentially expanding security threats.  Without Level 5, resources will continually be spent trying to deal with individual events, instead of being focused on improving security as a whole. As the cybersecurity industry continues to further integrate AI and machine learning into solutions, it is boiling down to more of an analytics and automation problem; one that can often be plagued with both false positive and false negative issues that need to be worked out.  More false positives and customers are unhappy; more false negatives and successful attacks increase, and customers are again unhappy.

So, with all of the above, where is YOUR organization at in terms of AI integration?  Does your cybersecurity solution utilize AI and machine learning?  If not, why not?  If they do, to what level is it integrated?  

The great thing is that Wedge saw the writing on the wall several years ago and did something about it.  We’ve actually been integrating AI and machine learning into our Wedge Absolute Real-time Protection (WedgeARP) platform for several years now and with great success!  We have been orchestrating AI at the network level with our Wedge Advanced Malware Blocker, which revolutionized malware PREVENTION.  WedgeAMB orchestrates AI technology and other technologies to detect and block both known and unknown (never-before-seen) malware, preventing them from entering the network and stopping attacks before they can start.  Combined with WedgeIQ and the actionable threat analytics that it provides, Wedge has been at the forefront of AI utilization in the cyber security realm.

And, we’ve not stopped improving!  Wedge has further devised Wedge Nucleation, which is an automated continuous deep learning process for real-time threat prevention.  This process uses automation for continuously training artificial neural networks (ANN) from filtered and labeled network data.  With each iteration, the ANN further improves its accuracy of filtering and labeling network data, adding to the ever-evolving intelligence.  This intelligence further reduces both false positives and false negatives, leading to much more accurate results.  To learn more about how Wedge has been utilizing AI in its real-time threat prevention platform, contact our team at: info@wedgenetworks.com.  It’s time that organizations jump ahead of the cybercriminals and protect themselves against the new generation of AI-based attacks.  Wedge Networks can enable your organization to do just that!

RHEA Inc. Enters into Strategic Alliance With Wedge Networks

Leading cybersecurity and engineering solutions company, RHEA Group to offer Wedge Networks Absolute Real-time Protection platform – WedgeARP™ in Canada and across Europe and South America

10 September 2020 – CALGARY, Canada: RHEA Inc., which is headquartered in Montreal, Canada, and offers bespoke engineering solutions, system development and security services, announced today that it has been appointed as an authorized Elite partner for Wedge Networks in the Canadian, European and South American markets. Through this strategic alliance / partnership, RHEA Inc. will be able to deliver the Wedge Absolute Real-time Protection™ (WedgeARP™) platform to its global customers who are actively looking for real-time protection from advanced persistent threats and never-before-seen malware.

WedgeARP™ provides network-based, real-time threat protection for all types of endpoints in a wide range of networks (mobile data, 5G, SD-WAN, SASE, and smart-city/IIoT). With an embedded deep learning AI engine and patented real-time deep content inspection technology, WedgeARP™ can detect never-before-seen malware in milliseconds. Running on an orchestrated threat management platform, it is an effective and autonomous approach to enable large-scale real-time threat prevention.

Through this agreement, RHEA Inc. expands its portfolio of cybersecurity solutions and the addition of Wedge Networks creates an excellent opportunity for providing real-time threat protection to its clients around the world.

Yves Metten, Executive Vice-President at RHEA Inc. said, “We are excited to enter into this strategic alliance with Wedge Networks as it will allow RHEA to enhance its real-time cybersecurity protection offer to its client base worldwide.”

“We will be offering the WedgeARP™ platform throughout the markets that we touch, and, with our in-house cybersecurity team, we will execute both sales and technical support to ensure the best solution integration and overall customer experience throughout Canada, Europe and South America,” said Metten.

RHEA Group is a niche and highly specialized international engineering company that provides services to the most respected institutional organizations and firms in aerospace, security, and defence around the world. Over the past three decades, the organization has contributed to history by working on many profound and ground-breaking projects. RHEA’s Concurrent Design methodology and information technology solutions have enhanced the design process of complex systems and products worldwide.

“RHEA Group is an important organization for Wedge Networks to partner in our mission to secure the cloud-connected world,” stated Dr. Hongwen Zhang, Wedge Networks, CEO & CTO. “Its dealings with some of the most mission critical applications for many prestigious organizations across the globe will place the WedgeARP™ platform into areas where real-time cybersecurity is of the highest priority.”

RHEA Group is authorized as an Elite Partner to distribute, market, and promote the Wedge Networks solutions in Canada, as well as across Europe and South America.

About RHEA Group 

RHEA Group provides bespoke engineering solutions, systems development and cybersecurity services for space, military, government, and other critical infrastructure organizations. Their security teams are led by specialists with decades of experience and customers receive ongoing support from their highly skilled experts. As a trusted organization, RHEA has been providing cybersecurity services to government departments and organizations on two continents for decades. 

Headquartered in Montreal for its North American operations and in Belgium for its European operations, RHEA employs in excess of 550 people and has offices in Canada, Belgium, UK, Czech Republic, Italy, France, Luxembourg, Germany, Spain, Switzerland and the Netherlands. RHEA is ISO 9001 and ISO 27001 certified. For more information, visit: https://www.rheagroup.com.

—————————————-

For media enquiries, please contact:

PR@wedgenetworks.com

mcc@rheagroup.com

Popular Anti-Malware Products Are Failing to Recognize Notable Threats: Time to Replace Out With WedgeARP!!

A brief but interesting article happened across my desk that made me pause and ponder the state of the popular and established cybersecurity solutions currently on the market.  Namely, the article from ITProPortal.com  that declared that “Half of anti-malware products fail to recognize notable threats”.  According to new analysis from SE Labs, many of the most popular and well-established solutions currently on the market do not protect their users from all notable threats.  In recent testing, the security firm put 14 of the world’s most popular cybersecurity solutions to task, with more than half of these products failing to identify all the threats sent their way.   The only notable exceptions to this shortcoming were products from Microsoft and Kaspersky Labs; both of which scored 100 percent on the tests.

What was interesting is that SE Labs pointed out that “Although we do ‘create’ threats by using publicly available free hacking tools, we don’t write unique malware so there is no technical reason why any vendor being tested should do poorly.”  In its testing, the firm used common threats that affect the general public as well as more targeted forms of attacks.  To us here at Wedge Networks, this is somewhat of a shocking revelation as we feel that if a virus is known and has a signature, it should be easily detected and blocked.

Now, with their failings in recognizing notable threats, one can only imagine how badly these products would fare with the new and never-before-seen malware that is being used by hackers and bad actors today!  If your firm is currently using some of the more popular cybersecurity solutions, you may want to do some research on whether your solution was one of the products that SE Labs tested.  If it is, you may want to consider replacing it with Wedge Absolute Real-time Protection (WedgeARP).  WedgeARP uses patented deep content inspection and orchestrates multiple layers of security protection, including conventional and heuristics-based AV technologies (utilizing their full databases, unlike many solutions that are only able to use portions of the databases!).  This is just to catch the already known malware!  On top of that, it further enhances these AV technologies with deep machine learning / AI AV that can detect and block all of the unknown and never-before-seen malware and other variants.  WedgeARP does this all in milliseconds, enabling real-time threat prevention of all known and unknown malware threats.  If more than half of the more established cybersecurity solutions are failing on the simple task of detecting known threats, perhaps they are now past their prime.  To learn more about WedgeARP and how it can provide real-time threat prevention of both known and unknown malware, contact us at info@wedgenetworks.com.

Wine and Spirits is Not Immune To Ransomware: Real-time Threat Prevention is Key to Securing Confidential Information

It’s turning out that Wine and Spirits will be potentially drowning their sorrows in drink as U.S. alcoholic beverages giant Brown-Forman was hit by a cyber attack recently.  In this attack, attributed to the Sodinokibi (REvil) ransomware operators, the attackers were found to have been able to exfiltrate over 1TB of confidential data; with plans to sell the most important information to the highest bidder and then release the rest to the public. Although the company was able to prevent their systems and data from being encrypted, as per a Brown-Forman spokesperson stating that, “Brown-Forman was the victim of a cybersecurity attack. Our quick actions upon discovering the attack prevented our systems from being encrypted”, the kicker here is that the REvil group announced that they had been able to spend more than a month in Brown-Forman’s network examining the company’s user services, cloud data storage, and general structure, with proof provided in screenshots of database backup entries as recent as July 2020.

The attackers claim that the huge trove of data that they stole contained confidential information about employees, company agreements, contracts, financial statements and more, with documents dating as far back as 2009.  As we’ve written in a previous blog, it is a common misconception among companies that once the hackers have come in, taken data, and encrypted systems, they then leave so as not to get caught.  What is actually the case is that they can often still be lurking around the company’s network surreptitiously, continuing to monitor internal communications to ensure a more positive outcome to their demands.  This may have been such a case in Brown-Forman, with REvil lurking around in their network for an extended period, learning all about the company and its operations.

Although Brown-Forman was “lucky” in that their systems were not encrypted and that they could continue business operations, the fact is that hackers are holding onto a huge amount of data that can still be ransomed.  With no active negotiations taking place between the company and the hackers, it will be interesting to see how everything plays out in the end.  REvil continues to prompt the company for payment, saying that the group could force payment or get a higher price for the data in auction, since it contains a swath of information that could be useful to both investors as well as competition.  

This is yet another example showing that the current “Detect and Remediate” approach to network security just does not work.  Companies continue to put themselves, their employees and their customers at huge risk by not looking at solutions that provide Real-time Threat Prevention.  Wedge Absolute Real-time Protection is such a solution.  Using patented deep content inspection, orchestrated threat management of multiple security services, and deep machine learning / AI, WedgeARP can detect known, unknown, zero-days and APTs and BLOCK them in real-time before they have a chance to infiltrate the network.  Prevention is the ONLY way to defend against ransomware attacks such as the one at Brown-Forman.  Contact our team at info@wedgenetworks.com to find out more.

Ransomware Partly to Blame for Company Being Forced Into Financial Restructuring: Could Your Firm be Next?

Just a brief blog today about the dire results of a ransomware attack that hit foreign exchange company Travelex.  Stemming from a ransomware attack that hit the company in December 2019, in conjunction with the current COVID-19 pandemic, the company has been forced into a GBP84MM financial restructuring in a bid to save the business.  “Despite operating over 1000 ATMs and 1000+ stores globally, and providing services for banks, supermarkets and travel agencies in over 60 countries, the firm was forced to cut over 1300 jobs as part of the restructuring.”

In this case, the Sodinokibi (REvil) variant of ransomware is believed to have been used in the attack, which forced its website offline and impacted its brick-and-mortar stores and banking services.  Unfortunately, it took Travelex over 2 weeks to get its customer-facing systems back online in the UK, causing an untold amount of monetary and brand damage.  The cause, although unconfirmed, is suggested to be a critical unpatched vulnerability in the company’s VPNs that may have allowed attackers to remotely launch malicious code.  Reports also state that the REvil hacker gang responsible for the attack demanded a ransom of GBP4.6MM for the decryption key and to delete stolen customer data.

This case again brings to light the dire consequences that some firms may face if they are hit by a ransomware attack.  Although Travelex has taken the steps to overcome the effects of the attack, as they work through a financial restructuring in order to safeguard jobs and to keep the business as an ongoing concern, many other companies are not as lucky.  Without adequate emergency and contingency plans in place, some companies have been forced out of business altogether.

So, the question is, “Could your firm be next?”.  How well prepared is your organization if it were to be hit by any sort of ransomware?  Do you have protection in place to detect and block something that could spell the doom of your company?  If you have any sort of concern that your organization could go under in such an attack, we suggest that you consider putting in place real-time threat protection that can detect and block all such attacks, BEFORE they can enter your network to do any harm.  Wedge’s Absolute Real-time Protection (WedgeARP) orchestrated threat management platform is a proactive way of dealing with all malware (including APTs, zero days, known and unknown).  Utilizing patented Deep Content Inspection techniques, along with orchestrated threat management with multiple layers of protection, WedgeARP can provide the safety blanket that organizations need in this age of increasing ransomware attacks.  WedgeARP is the first and only platform that applies deep learning / machine learning-based threat detection to network content.  The best way to not have to pay a ransom is to take the preventative approach of stopping ransomware before it can even get into your network.  Contact our team at: info@wedgenetworks.com to find out more about how you can protect your organization.

Garmin Ransomware Attack: How Malware Had a Massive Effect on Global Positioning Services

An interesting ransomware case affected one of our co-workers recently as he went hiking in the Rocky Mountains: his Garmin GPS was out of commission as he was trying to navigate himself through the wilderness.  The good thing is that he was not in a life and death situation and lost somewhere in the forest. The bad thing is that he was left with no mapping capabilities and did find himself trekking somewhat blindly during several sections of his hike.
 
Unfortunately, our co-worker was one of millions of customers globally in this situation as GPS titan Garmin’s website, customer support, apps and communications were all taken out by a massive ransomware  attack in late July 2020.  This ransomware, which was finally admitted by the company after days of nebulous statements, locked users out of their GPS services and disrupted a wide variety of Garmin GPS-based systems, along with causing Garmin an untold amount of reputational damage.  This is due to what many perceive to be mismanagement of the initial crisis response by the company.

According to an SEC report that the company filed in December of 2019, Garmin officials provided some insight into just how damaging a cyberattack would be to the company as it has transitioned from a simple GPS navigation company to a health and fitness tracking organization.  It collects, stores, processes and uses a wide variety of personal user information such as names, addresses, phone numbers, email addresses, payment accounts, height, weight, age, gender, heart rates, sleeping patterns, GPS locations and other activities.  Any of this information, if it were to be leaked, could cause a ton of headaches for the company as users lose confidence in Garmin’s ability to safeguard their confidential data.

In this case, security experts have confirmed that the WastedLocker ransomware was to blame for the attack.  This ransomware is a new variety that is operated by a hacker group known as Evil Corp.  The only positive news about the usage of this particular piece of ransomware is that it does not yet appear to have the capability to steal or exfiltrate the data before it encrypts the victim’s files (unlike even newer ransomware strains). This seems to be the case as Garmin put out a statement saying that it had “no indication that this outage has affected your data, including activity, payment or other personal information”.  In some cases, companies that have backups can sometimes get away without paying the demanded ransom.  However, those who do not have adequate backups have often faced ransom demands as high as $10MM.  With this uptick in ransom demands, it will not be surprising if other big companies are targeted in the near future as well.  Unlike smaller organizations who do not have the resources to pay high ransoms, bigger companies are often well-insured and can pay a lot more.

As Garmin’s services start coming back online, there is speculation that the company ended up having to give in to ransom demands in order to get their services back as quickly as they have been able to.  The interesting thing is that the U.S. Treasury department imposed sanctions on Evil Corp for their involvement in a decades-long hacking campaign against a variety of large global corporations and other U.S. interests.  As a result, it is nearly impossible for U.S.-based companies to pay ransoms to this hacker organization as they are generally prohibited from transacting with sanctioned groups.  This sets up a legal minefield for any company that considers paying a ransom to Evil Corp as a result of the WastedLocker ransomware.  In this respect, guesses are that Garmin somehow did pay a ransom and may face some Treasury department sanctions in the near future.

Getting back to the underlying point of this story, ransomware is certainly becoming a huge thorn in the side of corporations around the world.  It is causing companies grief in terms of lost revenues from service disruptions, losses to reputation, potential data breaches, as well as losses from having to pay ransoms.  The thing is that ransomware attacks such as these could be easily prevented through the use of a Detect and Block solution such as the Wedge Absolute Real-time Protection (WedgeARP) platform.  Through a combination of patented Deep Content Inspection, orchestrated threat management and deep learning / machine learning, WedgeARP is able to stop all malware (including known, never-before-seen, APTs and zero-days) in real-time, BEFORE they can enter the network.  If companies such as Garmin were to embrace the proactive Detect and Block approach to network security with a solution such as that provided by Wedge, this attack could have been stopped before any damage could occur.  To find out more about WedgeARP and the Detect and Block approach, contact our team at: info@wedgenetworks.com.

Posted in Industry News, Latest Security News

Strange Measure of Success: Repelling a Ransomware Attack But STILL Having to Pay a Ransom

A very interesting article came across the wire recently that had us wondering how the measure of success has seemingly changed, especially as it pertains to preventing malware and, in particular, ransomware.  ZDNet posted an article outlining how Blackbaud, one of the world’s largest providers of financial and fundraising technology for non-profits, had been hacked.  In this case, Blackbaud’s security team was able to detect and “successfully” prevent the blocking of system access for users as well as prevent the encryption of their files.  However, as is the case now with ransomware groups, they tend to pursue two avenues for extracting ransom: either for decrypting files or, in the case where the victim refuses to pay and intends to rebuild their systems from scratch, for NOT publishing the data that they have accessed and exfiltrated.  Unfortunately, the attack on Blackbaud was a prime example of “today’s double-extortion ransomware attacks”.  Blackbaud, concerned that a subset of their data had been stolen by the hackers, and not wanting this data to be published, still ended up paying an undisclosed amount in order to ensure that the hackers confirmed that the data they copied had been removed or destroyed.  So, although there was a measure of success by the company’s security team to prevent encryption and lock-up of their systems, this “success” is questionable since they still had to pay out a ransom.

And so, this is the reality for organizations when it comes to their network security; a single attack can provide several avenues for hackers to extort their ransom.  In some cases, these nefarious groups will actually double-dip; requesting one fee for decrypting files and ANOTHER fee for deleting the files that they were able to steal during the attack.  Either way, we feel that having to pay any sort of ransom does not count as successfully thwarting a ransomware attack.  In any case where a hacker has been able to successfully gain access to a network, it is a failure of the Detect and Remediate methodology that so many companies still utilize.  We feel that the only real “success” would be the case where an attack has been Detected and Blocked, BEFORE any network incursion has taken place.

At Wedge, we are firm believers that the Detect and Block approach is the only true way that networks can be protected.  There are just too many consequences that organizations face once their network has been breached.  The Real-time malware prevention approach is the basis behind Wedge’s Absolute Real-time Protection (WedgeARP) orchestrated threat management platform.  Using a proactive, rather than reactive, way of dealing with all malware (including APT, zero days, known and never-before-seen), WedgeARP utilizes patented Deep Content Inspection techniques, along with orchestrated threat management with multiple layers of protection, to provide its real-time threat protection.  WedgeARP is the first and only platform that applies deep learning / machine learning based threat detection to network content.
 
If you feel that the only true measure of success in dealing with malware and ransomware attacks is by having your network fully protected and by NOT having to pay ransom, you may want to look at the Detect and Block approach that Wedge Networks espouses.  Find out more by contacting our team at: info@wedgenetworks.com.  Having a real-time orchestrated threat management system that can successfully detect and BLOCK attacks before they happen can save your organization time and money by not having to deal with the clean-up efforts that a Detect and Remediate approach requires.

Posted in Industry News, Latest Security News

Even AFTER a Ransomware Attack, Hackers Continue to Lurk on the Networks: Another Big Reason to Detect and Block This Activity BEFORE It Happens!

Ransomware continues to be a thorn in everybody’s side, with hackers continuing their unrelenting attacks despite the world being in the midst of a pandemic.  An interesting article from BleepingComputer brought to light some information that many organizations are not aware of, even after they feel they’ve dealt properly with a ransomware attack.  The popular thought is that after a ransomware attack occurs, the attackers leave so that they won’t get caught.  “Unfortunately, the reality is much different as threat actors are not so quick to give up a resource that they worked so hard to control.”

What actually happens is that a ransomware attack often occurs over an extended period of time, starting with the hacker breaching and accessing a network.  Often, once a network is accessed, other tools are then implemented to gather login credentials and other valuable information.  These credentials are then used to exfiltrate unencrypted files prior to deploying ransomware software.  Once the ransomware is out in the open, even though victims may feel that the hackers have now left their system, the reality is that the hackers are possibly still stealing files AFTER the attack.  The new mode of operation is that, instead of the hackers demanding ransom and running for the hills, they will demand the ransom and then continue lurking around on the network to ensure that they get a more positive outcome to their demands.

In the example provided by BleepingComputer, a recent Maze ransomware attack on a San Antonio Aerospace company showed that the hackers were still operating within the company’s network after the fact when they leaked a document from the company’s IT department reporting on the ransomware attack that had just been perpetrated!  Often, hackers are reading their victim’s emails on how they are dealing with the ransomware attack; even as ransomware negotiations are taking place.

The advice that is provided by the experts is that after detecting a ransomware attack, the company should first shut down their network and all computer systems running on it in order to prevent further encryption of data as well as to deny attackers access to systems.  Once this is done, the company should look to a 3rd party cyber security company to perform a full investigation; with the expectation that this audit will provide information on corporate devices that may have persistent infections, other vulnerabilities, as well as detect any malicious software left behind by the hackers.  The victim should operate on the assumption that their network was completely compromised and that even backup servers may have been infected.  They should also look to a different method of communication, not tied to their network, just in case the hackers are still accessing the victim’s regular communication channels.  Victims should also be mindful that even though they may need to completely wipe and rebuild their machines and servers, the hackers may have stolen their credentials so they should ensure that all of the previous credentials are changed in order to mitigate additional access by the hackers.

Unfortunately, the above is still all a result of the prevalent “Detect, Quarantine and Remediate” approach to network security.  Wedge customers would not have to deal with the above case since they subscribe to the “Detect and Block” approach; stopping malware and ransomware in their tracks BEFORE they can enter the network.  As well, Wedge’s solution goes one step further and is able to further guard your gateway by scanning for both incoming AND outgoing threats; it would thus be able to detect malicious outbound communications from hackers should the threat already be present within the network.  The big thing about the Detect, Quarantine, Remediate way of doing things is that it tries to solve the problem of malware after the fact.  Once a network has been infected, in order to ensure that malware has been eradicated, the long process of a wipe and rebuild has to occur.  Wedge’s solution is proactive in detecting and blocking attacks but also provides protection by scanning outbound content for malware should the threat be coming from within the network.

There is such a stark difference between a remediation approach and a prevention approach.  Wedge Absolute Real-time Protection (WedgeARP) utilizes a proactive, rather than reactive way of dealing with malware; providing real-time threat protection through the use of patented Deep Content Inspection, along with orchestrated threat management with multiple layers of protection.  WedgeARP is the first and only platform that can apply deep learning / machine learning based threat detection to the network content.  It can detect and block in real-time sophisticated and growing numbers of new, previously unknown and customized or targeted malware variants.  If you feel that a Detect and Block approach may be what your organization is looking to move to instead of continually dealing with remediation activities, contact our team at: info@wedgenetworks.com.  Once you’ve experienced the difference in approaches, you’ll wonder why organizations are still stuck on the Detect and Remediate approach.

Posted in Industry News, Latest Security News

Wedge Networks to Provide Advanced Real-time Security Leadership in CELTIC-NEXT Project on 5G-enabled Road Safety

Wedge Networks, Inc., a Leader in Real-time Threat Prevention, Has Been Selected by the Consortium of CELTIC-NEXT Project 5G-SAFE-PLUS to Lead Cyber Security Efforts for CAV and Smart Transportation Safety Services and Chair the Canadian Cluster

CALGARY, Canada – June 30th, 2020 –   Wedge Networks, a global leader in Orchestrated Real-time Threat Prevention, today announced that it has joined the Consortium of CELTIC-NEXT project 5G-SAFE-PLUS to lead Cyber Security Efforts.  Real-time threat prevention is critical for Connected and Autonomous Vehicles (CAVs), smart infrastructure, smart cities, and the digital transformation of our economy.  Supported by the Government of Canada and EUREKA Cluster CELTIC-NEXT, a successful Pan-European RDI initiative in the ICT domain, the Wedge Absolute Real-time Protection™ (WedgeARP™) platform will provide the foundation for innovations in real-time threat prevention to secure 5G-Enabled road safety services, spanning from CAV to transportation services infrastructures.

CELTIC-NEXT project 5G-SAFE-PLUS focuses on smart transportation network safety measures.  It aims to prevent traffic accidents and avoid casualties by delivering 5G-enabled time-critical road safety services to vehicles; following the EU vision of reaching close to zero traffic casualties by 2050.  The project will support interoperability with CAVs, wide-scale implementation and usage of advanced road weather, road maintenance and road safety services with enhanced 5G networking capabilities and service enablers.  With 5G, smart transportation systems will be able to act in real-time.  However, this connectivity also increases the security attack surface, making cyber-attacks and malware intrusion a life-and-death issue.  Advanced real-time threat prevention will be a key deliverable in this project.  The overall solution and services will be piloted in test sites hosted by the partner countries.

“The 5G-SAFE-PLUS project contributes to the vision of EUREKA Cluster CELTIC-NEXT by making transport and mobility smarter, more secure, safer and greener,” says Christiane Reinsch, CELTIC-NEXT Programme Coordinator. “We welcome that Wedge Networks contributes to the cyber security and safety aspects of 5G-SAFE-PLUS.”

“We are inspired by the vision of the 5G-SAFE-PLUS consortium,” remarked Dr. Hongwen Zhang, Wedge Networks, CEO & CTO. “Wedge Networks’ mission is to provide real-time threat prevention for the cloud connected world. The Connected and Autonomous Vehicle and smart transportation industry is one of the largest industries that requires real-time security and safety. We are honored to lead the cyber security group and the Canadian cluster in this very important CELTIC-NEXT project consortium. We look forward to working with other members across Europe to realize the vision of zero traffic casualties by 2050.”

“The main objective of 5G-SAFE-PLUS is to show a way towards the deployment of commercially viable and accessible co-operative systems and 5G-enabled services that can be implemented in various environments and conditions,” states Pekka Eloranta, Senior Consultant at Sitowise Oy and Project Coordinator of 5G-SAFE-PLUS. “Wedge Networks’ vision and core competence in real-time threat prevention will greatly benefit this project.  Its role as the chair of the Canadian Cluster will also bring in innovations in advanced communications, auto manufacturing, smart transportation and smart cities, from Canada.”

About CELTIC-NEXT project 5G-SAFE-PLUS

The 5G-SAFE-PLUS project for “5G Enabled Road Safety Services” aims to prevent traffic accidents and avoid casualties by delivering 5G-enabled time-critical road safety services to vehicles. Here, accurate weather and road maintenance information plays a key role together with direct incident/accident event information. The project will support wide-scale implementation and usage of advanced road weather, road maintenance and road safety services with enhanced 5G networking capabilities and service enablers.

For more information about 5G-SAFE-PLUS, visit: www.celticnext.eu/project-5g-safe-plus/

About CELTIC-NEXT

CELTIC-NEXT is the EUREKA Cluster for next-generation communications enabling the digital society. CELTIC-NEXT stimulates and orchestrates international collaborative projects in the Information and Communications Technology (ICT) domain. The CELTIC-NEXT programme includes a wide scope of ICT topics based on new high-performance communications networks supporting data-rich applications and advanced services, both in the ICT sector and across all vertical sectors. CELTIC-NEXT is labelled for 8 years from January 2019 until December 2026.

CELTIC-NEXT is an industry-driven initiative, involving all the major ICT industry players as well as many SMEs, service providers, and research institutions. The CELTIC-NEXT activities are open to all organisations that share the CELTIC-NEXT vision of an inclusive digital society and are willing to collaborate to their own benefit, aligned with their national priorities, to advance the development and uptake of advanced ICT solutions.

For more information about CELTIC-NEXT, visit: www.celticnext.eu

About EUREKA

EUREKA is an intergovernmental network launched in 1985, to support market-oriented R&D and innovation projects by industry, research centres and universities across all technological sectors. It is composed of 41 member states, including the European Union represented by the Commission and three associated states – Canada, South Africa and South Korea. With its flexible and decentralised network, EUREKA offers project partners rapid access to skills and expertise across Europe and national public and private funding schemes.

For more information about EUREKA, visit: www.eurekanetwork.org

About Wedge Networks

Wedge Networks Inc. is a Real-Time Threat Prevention solutions company.  Its innovative technology platform, Wedge Absolute Real-time Protection (WedgeARP™), is a software defined orchestrated network security system. Deployed in data centers by enterprises, governments,  and managed security service providers, WedgeARP™ inspects, detects, and blocks in real-time, malware and cyber threats (known, unknown and customized). Wedge does this through its patented Deep Content Inspection (DCI) technologies, combined with artificial intelligence and best-of-breed security functions.

Awarded a Gartner Cool Vendor designation, and twice bestowed with Build-In-Canada Innovation awards, Wedge Networks is headquartered in Calgary, Canada with international teams in the North America, Asia Pacific, and the Middle East and North Africa regions. 

For more information on Wedge Networks, visit http://www.wedgenetworks.com

Media Contact:

Wedge Networks:

Please forward any media or PR inquiries to: PR@wedgenetworks.com

Posted in Industry News, Latest Security News, Wedge News