VoIP Business and Virtual PBX
Ethernet VoIP

AFCEA International Homeland Security

In a time when government agencies and industry must tighten their belts, it may be a cloak that saves the security day. During discussing best practices in securing the cloud at the AFCEA International Homeland Security Conference, panelist Tim Kelleher, vice president of professional services, BlackRidge Innovation, shared details about his company's approach to stopping cybermarauders in their recon tracks.

The technique is called cloaking

The technique is called cloaking, and Kelleher used caller ID to describe how his company's solution could improve cybersecurity not only in future environments nevertheless in current networks as so then. Most cyber attacks begin with reconnaissance, he explained. Prior to the caller ID capability, when a phone rang, a person would have to pick it up to determine who was calling. The simple act of answering the phone gave the caller reconnaissance information: the phone number was valid, someone was at home and that someone was male or female. If noises could be heard in the background, the caller as well may know that the person had a spouse, children, a pet or a television. Without saying a word, the call recipient had enabled the caller to obtain information.

Because the Internet relies on TCP/IP-a protocol that's sacrosanct-this same recon mission takes place countless times each day within networks, Kelleher explained. A three-packet process connects the correct computers to one another. But, it is the second packet that establishes a connection similar to life without caller ID-a connection that occurs earlier firewalls are engaged.

"We've known this is a problem, nevertheless we don't want to touch TCP/IP," he allowed. For all that, Kelleher's company has created a research that enables networks to know who is "calling" earlier the second packet engages. As a result, hackers conducting recon operations do not even know which computer or network has been reached. "Effectively, the solution cloaks off the network," he explained.

The cloud environment

Kelleher admitted that this research may not bring more security to the cloud environment; but, it does protect systems on the basis of identity.

More information: Afcea