Internet crime has evolved to become a highly organized enterprise and targets include every service and application on the network along with content and private user data and property. Today, effective security is no longer possible with just an appliance, vendor, or dedicated service. Security must be pervasive at all levels of the network and built into network architectures and design. Integrated security solutions enable any point in the intelligent IP network to adapt and collaborate with other security resources to identify and protect against criminal activities. Securing voice, data, video, and mobility services is possible with such an approach and service providers who pursue such a comprehensive security strategy can promote it as a point of competitive differentiation, maintain customer loyalty, and generate new revenue by offering managed security services.
The Changing Miscreant Economy
Just as diseases mutate to form strains that withstand the strongest antibiotics, so too is the hacker community continually evolving; refining its tactics to evade security technologies and law enforcement. Once, hackers were after fame and the thrill of breaking into private computing and communications infrastructures. Then hacking became a criminal activity dominated by individuals intent on theft or vandalism based on political or personal motives. Today, Internet crime has grown to include telephony, video services, and content, along with data. Criminals now operate within a highly organized, multimillion dollar miscreant economy that has become stratified much like an illegal drug cartel.
Internet crime is also no longer episodic and software-based. It is chronic and decentralized. Today's Internet crime focuses on the theft of private information, including user identities, on a grand scale. For example, hackers are creating botnets (infiltrated, compromised computers) by remotely searching the Internet for vulnerable computers lacking up-to-date security software. Often without the end user knowing, malware such as worms, Trojan horses, or backdoors steals credit card numbers, passwords, login credentials to financial institutions, and other information. Before, hackers were using this stolen information to withdraw or transfer funds, open lines of credit, or charge purchases on credit cards on a relatively small scale. But today's hackers (and "phreakers" who hack into telephone systems) are charging other criminals for access to infected computers and letting the subscribers either use the personal data or sell it to still others on the black market.
Often individual losses are small and the crimes are less noticeable and usually considered too minor to warrant action by law enforcement. But when small losses are multiplied by the millions, the motivation for criminals is clear. Even if individuals or financial institutions choose to pursue theft or fraud cases, with the stratification of the miscreant community, tracking down the culprits who often operate from remote regions of the world, and untangling multiple levels of culpability are extremely difficult.
Threats Expand to Voice and Video
Botnets are only one example of the new, pervasive nature of Internet crime. Viruses, denial of service (DoS) attacks, and phishing are other methods. Along with changes in the miscreant community and hacker tactics, the targets of Internet crime have also expanded, as voice and video services and content have joined data on converged networks.
Now threats to unified communications include revenue loss, diminished value of content and services, and loss of privacy due to:
• Toll fraud
• Call eavesdropping and hijacking
• Theft of private information
• Theft of premium content and illegal distribution
• Transaction session replay and theft
• Identity theft
• Use of fake identities to steal information and resources
• Media tampering
• SPAM
The Defensive Strategy: Secure Everything
Once, security appliances such as firewalls and intrusion detection and prevention solutions were enough to protect networks. But securing portions of the network is no longer an effective security strategy. Instead, everything - voice, video, mobility, wireless, and data center applications and services - must be secured from the network core to the end-user device.
Security should be viewed as a pervasive solution throughout the network (Figure 1) and considered from the inception of the architecture, design, and planning of a network. Adding security after a network has been deployed is less effective and usually much more expensive.
Figure 1. Security as a Pervasive Solution Throughout the Network
Security embedded in infrastructure makes scaling and optimization of operations easier, faster, and less expensive. An integrated approach to securing data, voice, video, and mobility services includes:
• The protection of critical infrastructure, including the network core, data center routers, aggregation routers and servers
• The protection of revenue-generating services to customers, including the security and availability of data, voice, video, and mobility; and subscriber privacy
• The protection of customers from external and internal threats, including protection from infected customer machines that can attack others in the network
Integrated, Adaptive, and Collaborative Security Solutions
The most effective security solutions are integrated, adaptive, and collaborative (Figure 2). Integrated security means that every element in the network incorporates security technologies and acts as a point of defense and policy enforcement. Adaptive security is based on the use of proactive security technologies that look at network behavior to recognize new types of threats as they arise and automatically prevent them from doing damage. This broadens threat-recognition capabilities and addresses threats at multiple layers of the network. And collaborative security means that network components work together to thwart attacks. Collaboration involves cooperation between endpoints, network elements, and policy enforcement.
Figure 2. Integrated, Adaptive, and Collaborative Security for All Network Venues
Security Value Proposition for the End Customer
Securing everything with integrated, adaptive, and collaborative solutions provides competitive differentiation and new managed services opportunities for service providers. For end customers, effective network security provides:
• Secure voice: Voice traffic and associated services such as voicemail and PBX are protected to safeguard access to personal information; service is reliable and voice quality is high
• Secure wireless: Wireless traffic is secure from identity and service theft
• Secure data communications: Data applications are highly available and reliable and sensitive data is protected
• Secure video: Video content is delivered reliably and protected from theft and piracy; personal video content is protected; subscriber access to content and self-service controls is private and secure
• Secure mobility: The mobile service plan is protected from cloning; service is protected and reliable when roaming
Cisco Security Center
Securing everything from continually evolving global attack techniques requires constant vigilance. Cisco Security Center is a new Website on Cisco.com (Figure 3) that provides 24-hour threat and vulnerability information to improve the security of networks, applications, and content. The site contains the latest security information and alerts, including the most prevalent attacks taking place worldwide and methods and technologies to guard against them.
Figure 3. Cisco Security Center
Other items featured on Cisco Security Center include:
• Threat and vulnerability analysis
• Cisco intrusion prevention signatures and mitigation techniques
• Advanced filtering technologies
• IntelliShield Alert Manager trial subscription, a customizable, Web-based threat and vulnerability alert service
• A "Threatcast" podcast, with reports on the latest security trends for the professional on-the-go
• Government security analysis and future trends
Learn More about the Cisco IP NGN Security Architecture and Systems
Integrated, collaborative, and adaptive security in the evolving Cisco IP Next-Generation Network (IP NGN) architecture is built into the fabric of the service provider's network infrastructure and integrated with other network elements. Cisco provides a comprehensive security product portfolio and assists service providers in developing revenue-generating managed security services from concept to implementation and marketing. Security is not perceived as an afterthought at Cisco, but as a fundamental part of the service provider's business that impacts all services.
