Cyber threats have become more dynamic and sophisticated than ever before. Watch the video below as the ThreatSTOP team discusses the real danger of dynamic threats and the need for protection.

 

 

 

The Need for Dynamic Responses

Static security measures that rely on predefined rules and signatures are no longer sufficient to defend against emerging threats. The dynamic nature of modern attacks requires an equally dynamic response. Organizations must be able to adapt their security strategies and defenses in real-time to counter new and evolving threats effectively.

Automating Security Through a Name You Can Trust

ThreatSTOP offers automated responses and protection services to businesses just like yours. The company leverages real-time threat intelligence from various sources, including government agencies, security researchers, and collaborative threat-sharing communities. By continuously analyzing and updating threat data, ThreatSTOP ensures that information about emerging threats remains up-to-date.

One of the primary benefits of ThreatSTOP lies in its ability to save you both time and money. Rather than relying on businesses to create and manage their own security programs, ThreatSTOP does all of the hard work for you. Instead of forcing you to spend thousands of dollars developing a program in-house, you can use this existing solution that already integrates with your existing security infrastructure.

The Professionals Behind ThreatSTOP

ThreatSTOP is supported by seasoned professionals who have spent years studying network infrastructure, cybersecurity, military intelligence, and threat intelligence. These experts work with you to ensure your company is as protected as it can possibly be.

Are you ready to protect your company against dynamic cyber threats? Do you want to avoid the frustration that comes from trying to manage these threats on your own? If you feel managing the pressure that dynamic cyber threats require dynamic responses is too much, contact ThreatSTOP and let us handle the job. We will stop these cyber threats so you can keep your focus on your business.

If you would like to try our demo, click the link below to get started!

Get a Demo

 

Learn More:

What DNS Security Does A Typical Enterprise Need?

DNS Defense Cloud 

DNS Defense 

 

Video Transcript

Dynamic Geography
We've talked a lot about how the problem really is timeliness in dealing with a dynamic situation, and as the Chinese like to say, we live in interesting times.

What's happened in the Ukraine is probably foreshadowing unfortunately, what's going on in the world at large, and broadly likely to be a bigger issue as we go forward. The fact is dynamic threats, dynamic systems require dynamic responses, and that can only be automated. If you are trying to do this manually or even trying to build it yourself, then you're essentially going to be a hamster on a treadmill spending a lot of money doing things that aren't what your business is in the business of doing, but it's necessary for you to be able to do your business.

We built ThreatSTOP to do that, particularly with Paul's expertise in network infrastructure and IETF standards, and DNS. We have a very good finger of a pulse of where that's going. We all just got back to the ATF in Yokohama, and Ofir, with her background in military intelligence and later threat intelligence and also psychology, has a team that's really good at following up on this and building the relationships we need.

So I think, you know, we talk a lot about dynamics and why that's a big issue. I think we also don't touch enough on the stress levels that people have in organizations and dealing with this. They lose the weekends they have all of a sudden, they get law enforcement knocking on their door, and all they want to do is just do business, and they weren't typically trying to break the law. 

Yeah, and you know, Tom, I think recently what we've seen with Russia and Ukraine, you know, at least for the last decade or two, that's a situation that was almost unprecedented right beforehand. We, you know, OPEC has been around for a long time, and OPEC sanctions have been around for a long time, but they were a bit clear for the world. The world was used to dealing with other countries that you can deal with and countries that you can't, and Russia, as this global business leader, comes into play, attacks Ukraine, and leaves the whole business world in a state of ‘what happens now’ because suddenly a big part of many global businesses, of their customer base, of their, you know, partnerships are now being sanctioned. 

Then obviously, we talk about Ukraine as well and Russia invading parts of Ukraine, and that complexity, and you know, the situation that businesses are left with is much harder today than it was looking back a year and a half ago, two years ago, and so what you're talking about at stress, being overworked, you know burnout for the teams if beforehand it was hard; it's now harder.

Yeah, I agree, and we should really talk about the elephant in the room. I mean, Xi Jinping has been saber-rattling about Taiwan for quite some time, but China and portions of the military-aligned industries in China are already subject to many sanction regimes, and those are changing rapidly. The news right now is banning TikTok, but the problem already exists that the second largest economy in the world, which is the world's manufacturing board, already has a significant number of entities and related entities that are sanctioned, and who's keeping track of that? I mean, you manufacture something in China, okay, but you've got to make sure it's not manufactured by a group of igors in a concentration camp in Jinyang. How do you do that, and who did it this week, right? 

I mean, speak to the work we've been doing it up with five by. 

About that, so yeah, five by, as I said, are really leaders in the compliance space, and they are able to do that. They have a whole team of analysts who are, you know, have that expertise in sanctions. They go and they research, and they find all of these, you know, invasive subsidiaries in, you know, the hardest to find countries, and they're able to give us that list of information and say listen, like okay, if Huawei was to be sanctioned, all of these other countries would be sanctioned inside and outside of China. So again, we always have the kind of obvious ones and then the rest who are, you know, even if they're not invasive, you might not know about them. If they are, it's much harder.

And the reason we're able to do this is we come from a network in marketing background. We understand that where something physically is is not necessarily indicative of who it's under the control of. Now, Paul, you were at the ITF in Yokohama and there's a lot of discussion about policy around that, and you've obviously been working on this project in one way, shape, or form dealing with compliance and at a career level ever since phenomenon. So what do you think? What are you saying?

Well, I think this dynamic geography, you know, we still have the problem of BGP hijacking, so you don't need an army, and you don't have to come in and rewire somebody's network. A little bit of BGP hacking can deal with it, so people are trying to figure out, I think, how to have not only a way to secure the routing but also, as a secondary defense, a way to deal with the running when it isn't secure. 

So that's one of the things that we do at ThreatSTOP is we keep track of when this traffic is being routed through places it shouldn't be routed; but you know, I have to wonder whether or not the safety of a bunch of mass-market services that don't support things like DNS, SEC and so forth, you know, are just relying on certificates and if you have one bad root certificate actor, how vulnerable you are. And I think the certificate waters are much more at risk than a lot of people think. 

I mean, that happened, right? There was, it wasn't even a bad, stupid actor; it was just someone who got socially engineered, and they issued a certificate that signed code is microsoft.com, and it happened to Sofos with C-Cleaner. There was a fake signed thing that goes into your computer, runs as the escalated administrative user to clean out stuff, and it turned out it was a Trojan.

We also had the situation of BGP hijacking might seem historic to people, but YouTube got routed through Pakistan and then blocked at one point, and they claim it was a mistake, but you know, Amazon's Route 53, which is DNS for everything in Amazon got hijacked and routed through China for a while there a few years ago. This is not news; in fact, it was our efforts to fit, find, and block BGP hijacking, all that to us figuring out, well, at least we can use this to block the Crimean ISPS that Russia has taken over, and so when Russia invaded Ukraine, we already had the infrastructure in place. We automatically saw it; that was lucky happenstance for us and our customers, but it started off as a way to try to figure out who was hijacking IP address space.

So yeah, I agree, and it's not hypothetical. It's happened, and it will continue to happen. So I think, you know, we're not trying to scare anybody. It's happening, it's there. We try to make it easy to comply with it, and we hope that we can have a conversation with you and your teams about how to do this for yourselves and for others.

Thanks for your time.