Weekend Reads 092520

Cybercrime rewards innovative organizations. These can innovate at the tactical level (e.g. new or updated tactics, techniques, and procedures (TTP)), the strategic level (e.g. new monetisation methods), or at the operational level—the management of resources and personnel to achieve strategic objectives. This is operational art.

Enterprises cannot afford to ignore the threat posed by encrypted inbound network traffic. Adversaries now commonly use encrypted traffic flows to cloak cyberattacks, slipping malware, ransomware, and other malicious content past perimeter detection systems.

Major cloud services providers are about half as likely (46%) to experience a data breach compared with large enterprises, a new study suggests.

The Hedge Podcast #53: Deprecating Interdomain ASM

Interdomain Any-source Multicast has proven to be an unscalable solution, and is actually blocking the deployment of other solutions. To move interdomain multicast forward, Lenny Giuliano, Tim Chown, and Toerless Eckhert wrote RFC 8815, BCP 229, recommending providers “deprecate the use of Any-Source Multicast (ASM) for interdomain multicast, leaving Source-Specific Multicast (SSM) as the recommended interdomain mode of multicast.”

Technologies that Didn’t: CLNS

The Open Systems Interconnect (OSI) model is the most often taught model of data transmission—although it is not all that useful in terms of describing how modern networks work. What many engineers who have come into network engineering more recently do not know is there was an entire protocol suite that went with the OSI model. Each of the layers within the OSI model, in fact, had multiple protocols specified to fill the functions of that layer. For instance, X.25, while older than the OSI model, was adopted into the OSI suite to provide point-to-point connectivity over some specific kinds of physical circuits. Moving up the stack a little, there were several protocols that provided much the same service as the widely used Internet Protocol (IP).

reducing-rpki-risk

Reducing RPKI Single Point of Takedown Risk

wr-091820

Weekend Reads 091820

hedge-053

The Hedge 52: Tobi Metz and the Technologist Question