Community Shield™ – The Release of a New Line of Defense

by Calyptix, September 14, 2021

We are proud to announce the latest release of the AccessEnforcer® software – Version 5.0.3. This update includes Community Shield™, a community-driven, proactive feature to further defend users from US-based hostile network traffic and attacks. In addition, network administrators can now identify and block destructive outbound connections, stopping the extraction of sensitive company information by malicious cyber actors.

Community Shield leverages Calyptix’s fleet of AccessEnforcers with expert analysis to defend customers from a range of threats that often leverage US-based infrastructure. When combined with the Geo Fence feature on the AccessEnforcer, network administrators and business owners can have increased assurance that their defensive networks are identifying attacks that often go undetected. Nightly, each AccessEnforcer is updated with the latest list of malicious IP addresses that should be blocked based on insights gained from the community of AccessEnforcer units and External Threat Feeds, curated from reputable external sources to maximize your network protection.

Large enterprises spend fortunes trying to correlate malicious events to detect unauthorized or harmful outbound traffic across their entire organization and pay top dollar for third-party, often unrelated, threat feeds. For no additional cost to our small business customers, Community Shield provides automated traffic correlation and protection from threat actors we know are actively targeting our customers and the industries we support.

The Invisible Threat in Outbound Communications

Every day, hundreds of thousands of scans occur unnoticed on networks across the world for the purpose of reconnaissance. Bad actors with automated tools scan a range of IP addresses in an attempt to gain access to sensitive information, including employee and customer data, on any given network. Most of the time, this information is sold to augment a larger attack or effort, depending on the environment and the data found. In other scenarios, the threat actor can place an application on the network that calls out to a separate location to serve as a stepping stone for hidden network access. Most networks do not block or challenge outbound connections, especially in the U.S., where infrastructure is passively monitored and regulated.

With the release of Community Shield and the addition of the External Threat Feeds in AccessEnforcer 5.0.3, we now identify and stop those outbound connections from taking place so our partners and customers can quickly investigate the machines engaged in that suspicious, potentially unwanted and possibly malicious activity.

A New Era – The Remote Worker Rises

Since the beginning of the COVID-19 pandemic, companies of all sizes have transitioned to a work-from-home structure in order to keep the wheels turning. Given the abrupt shift, many companies were unable to securely adopt remote work applications and tools that protected the network. Research at ESET¹ found a 768% increase in Remote Desktop Protocol (RDP) attacks. Most of the time, RDP access is not configured correctly and could allow cyber criminals an open door into the network.

These intrusions capitalize on open network ports at the firewall, which are required for RDP to work. Open ports expose the system to the Internet. This exposure allows legitimate connections but also permits access by attackers and automated scanners. After attackers discover these open ports, they break in using compromised credentials, brute-force attacks or an exploit for an unpatched software vulnerability. Once they get remote control of the device, attackers leverage the public-facing system to elevate privileges and commence lateral movement within the network, especially if segmentation is not implemented.

Now, more than ever, small business owners are under attack regardless of the size of the company. Business owners must protect their digital data and infrastructure from cyber attacks as the threat increases. 

The Zero Trust Solution

As of late, Zero Trust has become the industry’s new buzzword, and for good reason. Derived from the principle “never trust, always verify,” this concept assumes access should not be granted without authentication and credential confirmation. Zero trust network access takes the approach one step further and limits access at the network level, so the destination system or application is never exposed until the user is authenticated securely.

At Calyptix, our Zero Trust solution leverages AccessEnforcer and Gatekeeper, a “no software” remote access tool with Multi-Factor Authentication, to deliver trusted access to systems housed inside the protected network. Traditional RDP setups leave the port wide open, permanently, for new connections, whereas Gatekeeper only opens the port for a single instance after user authentication at the time of connection, allowing for higher security and reduced risk of intrusion.

Thanks to this Zero Trust design, a single AccessEnforcer can detect and log events to provide a superior approach for network security. By combining this defense with the Community Shield, Calyptix customers can now leverage the defensive networks of our entire community. This significantly raises the bar for criminal actors attempting to breach our shared defense.

Calyptix is always improving the protection we provide for our customers. We hope you enjoy the added security benefits of AccessEnforcer 5.0.3 and the release of the Community Shield, purpose-built for you.

 

1 https://www.welivesecurity.com/2021/02/08/eset-threat-report-q42020/

https://www.zdnet.com/article/big-jump-in-rdp-attacks-as-hackers-target-staff-working-from-home/



