SafetyDetectives spoke with Christian Ferenz, the CEO and co-founder of Cubro Network Visibility, about network security and how to detect, secure, and avoid cyberattacks.
Can you talk about your background and what motivated you to co-found Cubro?
As a CEO and co-founder of Cubro, my motivation stemmed from a pivotal moment during my time working as a reseller of monitoring boxes. During a business meeting with a customer, I was asked if I could provide them with a network TAP. They explained how this tool could help save the company’s IT costs, and it became clear that there were not many vendors of network visibility tools at that time. This sparked an idea, and I decided to seize the opportunity.
Together with my two colleagues, we created a Network TAP, which the customer tested and, after some changes, decided to deploy in their network. It’s amazing that those first TAPs we made in 2003 are still in use today! Our business idea is centered around forming strong partnerships with our customers.
By understanding the challenges related to network visibility and leveraging our technical expertise, we started producing more advanced tools like network packet brokers and probes. It all began with producing our first product in a garage, and now our products are installed in several major CSPs and enterprises worldwide.
What are the main services offered by Cubro?
Cubro provides a range of network visibility solutions that help organizations monitor and optimize their networks for performance, security, and compliance. Our main services include:
- Network Packet Brokers (NPBs): Cubro’s NPBs help organizations manage and optimize their network traffic by filtering, aggregating, and load-balancing network packets. This helps organizations reduce network congestion and improve the performance of their critical applications.
- Probes: Cubro’s network probes help organizations monitor their network traffic for security threats, compliance violations, and other anomalies. Our probes are designed to work with various network technologies, including Ethernet, IP, and MPLS.
- Network TAPs: Cubro’s network TAPs provide organizations with full network visibility by copying network traffic to monitoring tools without affecting the network’s performance. Our TAPs are designed for high availability and reliability and are suitable for use in data centres, service provider networks, and enterprise networks.
- Bypass Switches: Cubro’s switches provide a fail-safe mechanism for critical network links, allowing organisations to maintain network uptime and prevent costly disruptions. Our bypass switches come in different configurations, including inline and out-of-band, and support a variety of network speeds and protocols.
Are there any signs that would indicate there might be something malicious in the company network?
Some common signs to look out for include:
- Unusual network activity: If you notice a sudden increase in network traffic, especially during non-business hours, it could be a sign of malicious activity.
- Suspicious user behaviour: If a user is accessing files or systems they don’t normally use or attempting to access files or systems outside of their normal working hours, it could be a sign of unauthorized access.
- Unauthorized changes: If changes have been made to the network or system configurations without proper authorization, it could be a sign of malicious activity.
- Unexplained system crashes: If systems are crashing or becoming unavailable for no apparent reason, it could be a sign of a cyberattack or malware infection.
- Suspicious log entries: If there are unusual log entries in your network or system logs, such as failed login attempts or access attempts to sensitive areas of your network, it could be a sign of unauthorized access or an attempted cyberattack.
What are the most effective methods to strengthen a company’s network security?
Some effective methods to strengthen a company’s network security and protect it against cyber threats include:
- Use strong passwords and multi-factor authentication: Encourage employees to use strong passwords that include a mix of letters, numbers, and special characters. Implement multi-factor authentication to add an extra layer of security.
- Keep software and systems up-to-date: Regularly update software, operating systems, and security patches to protect against known vulnerabilities.
- Use firewalls and intrusion detection systems: Set up firewalls to monitor and control network traffic, and use intrusion detection and prevention systems to detect and prevent malicious activity.
- Implement a comprehensive security policy: Develop and implement a comprehensive security policy that outlines the company’s security procedures and guidelines.
- Conduct regular security training: Regularly train employees on best security practices, such as how to recognize and report suspicious emails, how to avoid phishing attacks, and how to store and transmit sensitive data securely.
- Perform regular security audits: Regularly perform security audits to identify vulnerabilities and potential security risks.
- Monitor network traffic: Monitor network traffic to detect suspicious activity and potential security breaches.
What are the most harmful cyberattacks carried out via insecure networks?
There are many harmful cyberattacks that can be carried out via insecure networks. Here are some of the most common and damaging types of cyberattacks:
- Ransomware attacks: Ransomware is a type of malware that encrypts a victim’s files and demands payment in exchange for the decryption key. Ransomware attackers often target insecure networks because they are more vulnerable to exploitation.
- Phishing attacks: Phishing attacks trick users into revealing sensitive information, such as passwords or credit card numbers. Insecure networks can make it easier for attackers to carry out phishing attacks because they can intercept and manipulate data.
- Distributed denial-of-service (DDoS) attacks: DDoS attacks are designed to overwhelm a website or network with traffic, making it inaccessible to users. Insecure networks can be used to launch DDoS attacks because they are more susceptible to being compromised and used as part of a botnet.
- Data breaches: Data breaches involve unauthorized access to sensitive data, such as personal information or financial records. Insecure networks can make it easier for attackers to access this information by exploiting vulnerabilities or weak security measures.
- Malware infections: Malware is a type of software that is designed to damage or disable computers or networks. Insecure networks can be more easily infected with malware because they lack proper security measures, such as firewalls or antivirus software.
How do you see network security evolving over the next few years? What kind of attacks will we see more of in the upcoming years, and how can the average person secure their home networks?
In the next few years, the field of network security is expected to experience significant changes and challenges. One of the notable developments is the increased use of artificial intelligence (AI) and machine learning (ML) in cybersecurity. These technologies can be utilised to automate threat detection, analyse network behaviour, and enhance incident response times. Additionally, as more organizations move their data and applications to the cloud, there will be a greater emphasis on cloud security to safeguard against cloud-based attacks. Another emerging trend is the growth of the Internet of Things (IoT), which is projected to lead to the proliferation of new vulnerabilities and potential attack surfaces. Finally, cybercriminals are expected to continue developing more sophisticated and targeted attacks, such as zero-day exploits and advanced persistent threats. These developments highlight the importance of proactive measures to secure networks against potential threats.
To secure their home networks, the average person can take the following steps:
- Use strong passwords and multi-factor authentication: Use unique, complex passwords for all accounts and enable multi-factor authentication whenever possible.
- Keep software and systems up-to-date: Regularly update software, operating systems, and security patches to protect against known vulnerabilities.
- Use a strong firewall: Install and configure a strong firewall to monitor and control network traffic.
- Use a VPN: Use a Virtual Private Network (VPN) to encrypt internet traffic and protect against eavesdropping.
- Be cautious of phishing emails: Avoid clicking links or downloading attachments from suspicious emails or websites.
- Use antivirus and anti-malware software: Install and regularly update antivirus and anti-malware software to protect against viruses, Trojans, and other malicious software.
- Secure IoT devices: Change the default passwords on IoT devices, keep them up-to-date with the latest firmware, and only use trusted devices and vendors.