Weekly Intelligence Digest – April 6, 2015


Top News Stories

1. China Telecom and IBM Push MobileFirst for iOS

China Telecom, China’s largest fixed-line operator and cloud provider, has formed a deal with IBM to offer and manage enterprise apps for Apple devices. China Telecom will host IBM’s MobileFirst service on its servers in the country. Initially 24 apps have been translated and additional apps will be available soon. IBM/China Telecom users will be able to deploy services from the IBM MobileFirst Platform for iOS to build, integrate and secure made-for-business enterprise apps which will be hosted on China Telecom’s cloud. Companies will also benefit from cloud-based management and security capabilities for mobile devices, applications, content and transactions.

BID Insight IBM’s Chinese strategy continues to be about forming collaborations with local companies as a result of the government’s preference towards state-run firms who use domestic tech suppliers over their foreign counterparts. Western firms have criticized the Chinese government for their repeated efforts to protect local firms, claiming such measures affect Chinese enterprises’ vulnerability to cybersecurity threats. IBM has announced that a significant part of the deal with China Telecom will involve technology sharing to help Chinese companies expand their mobility efforts. As China’s largest cloud computing service, China Telecom hosts over 70% of domestic Internet content and services. As the country sees accelerated development of mobile internet services, innovative mobile transformation has become increasingly important to Chinese enterprises; China Telecom’s deal with IBM will accelerate their ability to offer cutting edge mobile solutions for traditional companies and startups across China.

2. Incapsula Publishes Report on Dark Side of Anonymous Proxies

Incapsula, the website security firm, published a report this week that looks at the use of anonymous proxies as a source of DDoS attacks. The report reveals that up to 20% of all application layer attacks are coming from anonymous proxies and that on average, perpetrators are directing traffic from 1800 different IPs. Incapsula calls this kind of threat a “Shotgun” attack. It makes the attackers harder to trace by using a large number of open proxies, transforming a single-source denial of service (DoS) attack into a distributed one (DDos), making it much harder to prevent. The attackers gather a list of publicly available proxy servers that they find online. They then modify a DoS toolkit or homemade DoS script to deliver a batch of malicious requests dispersed through each of the harvested proxies.

BID Insight Incapsula call these kinds of attacks, “Shotgun” attacks because they produce a scattering effect similar to the small pellets from a shotgun shell being fired. However, while shotgun pellets disperse, the DoS requests narrow in on a single focus, hitting it from multiple directions thereby creating a DDoS attack. With anonymous proxies, the attack can spread across multiple geographies as well as multiple IPs, which immediately makes geo-blacklisting techniques ineffective. They represent a new type of threat, which cybersecurity firms like Incapsula are racing to understand how to mitigate.

3. Alcatel-Lucent Land 4G Deal with China Telecom and Alcatel-Lucent Launches New Optical Tech

Alcatel-Lucent has signed a 4G deal with China Telecom, allowing it to become one of the carriers three most important 4G suppliers, alongside Huawei and Nokia. ALU will help enable 4G across 12 provinces in 40 cities, including Shanghai, providing ultra-fast broadband speeds to its users. Alcatel-Lucent will supply base stations and software as part of its 9926 eNodeB solution.

Also this week, Alcatel-Lucent has launched an innovation breakthrough in optical routing technology that will help operators facing the twin challenges of increased capacity demand and consumers’ demands for flexibility and speed. It will enable connections to be changed without electrical switching whilst detecting and routing around network faults, eliminating on-site visits to check connections, and helping reduce equipment and power needs. The technology will be utilized by Verizon on its ultra-long haul optical network in the U.S., enabling operators to experience reduced capital expenditure and energy costs in contrast with electrically switched-only alternatives.

BID Insight China Telecom is Chinas third-largest carrier and at 186 million subscribers is larger than any of the U.S. carriers, so the opportunity to deploy LTE equipment for China Telecom is a major coup for the French company, Alcatel-Lucent. The deal with Alcatel-Lucent takes place a month after China Telecom and China Unicom gained licenses to build 4G networks using the FDD-LTE air interface instead of the TDD-LTE interface which the main rival, China Mobile, uses.

Alcatel-Lucent has long been a field leader in optics. As demand for faster service on the Internet has increased, telecoms, data centers and other service providers have turned from legacy copper cable systems to optical technology. Alcatel-Lucent’s innovation breakthrough in optical routing technology launched this week will provide urgently needed scalable flexibility and increased agility for its operators. The additional speed is provided by improved agility at the photonic layer using Alcatel-Lucent’s innovative wavelength routing technology. As access to the Internet increases across all devices over a 24 hour time span, current infrastructure is increasingly strained. By automating the optical networks, Alcatel-Lucent gives operators welcome relief until the next evolution.

4. Neustar Appoints Hank Skorny as SVP of the Internet of Things (IoT)

Neustar, a provider of real-time information services and analytics, has appointed Hank Skorny as Senior Vice President of the Internet of Things. Prior to joining Neustar, Skorny was at Intel in Seattle as VP of the Software and Services Group and as GM of Intel Services Division, Skornny oversaw unified software services across device and operating systems. He has also worked at RealNetworks, Thumbspeed, InfoSpace and AOL Mobile, accruing over 25 years of leadership, marketing and management experience. Skorny will relocate to San Francisco where Neustar’s West Coast office is located.

BID Insight In announcing his new job, Skorny talked about his excitement at joining Neustar and driving its IoT strategy because it is “big enough to do cool things but small enough to focus”, as well as stating his belief that Neustar “has all the ingredients necessary to lead the next generation of IoT services”, such as cloud-based security solutions, identity management and domain name and registry systems. As devices multiply and there is an increasing transition to all-IP networks, focusing on developing the IoT will become increasingly important for companies, such as Neustar, that focus on information services.

5. Azure Adds Online Backup and Recovery Services

Microsoft Azure has added two significant new features to its Azure Backup services that will improve current functionality. Azure Backup provides multiple copies in multiple geographies for numerous applications, including Microsoft Exchange, SQL Server and Windows client among others. Now Azure Backup will perform online backups of Windows and Linux infrastructure as-a-service (IaaS) VMs, then restore them as needed. If the network is congested, initial backups can be shipped to the nearest Azure datacenter and seeded through Azure Import/Export service.

In addition, Microsoft is previewing Azure Site Recovery, which enables Availability on Demand using Azure as a disaster recovery site. Customers who use Azure API Management Premium can now use and manage APIs with enterprise level features. The new tools will allow companies to combine on premises assets with an extension to Azure for cloud bursting, migration, backup, disaster recovery, and development and testing.

BID Insight When Azure Product Marketing Group Manager Joel Ferman announced new features for the Azure Backup service, he remarked that availability is not only disaster recovery in the cloud, it’s also the connection between a data center and the cloud that provides protection and value creation. The updates to Azure essentially allow enterprises to offer both on-premises support and connect to the Azure cloud, in addition to replicating Hyper-V, physical and VMware workloads, creating a unified solution which removes the challenges of managing multiple point solutions and a mix of cloud providers. For a long time, firms have been eager to gain access to services which combine enterprise class protection with features, making Azure, which has both, a tempting proposition.

6. Black Lotus Release Report Showing Average DDoS Attack Tripled in Volume

Black Lotus, specialists in availability, security and provider of distributed denial of service (DDoS) protection, released their quarterly Threat Report showing that total attack frequency has dropped by 44% in Q4 2014, which backs up its forecast of fewer, more complicated methods of attack. The average packet volume for DDoS attacks has gone up by 340% and the average bit volume increased by 245%. This points to a change of attack methods. Cybercriminals are increasingly favoring complex attacks which use multiple vectors and blending application layer, SYN and user-datagram protocl (UDP) flood attacks together. Black Lotus altered its estimate that companies will need security measures that can handle 15 Gbps minimum in bit volume compared to its Q3 prediction of 5 Gbps minimum, to protect itself from the majority of attacks across 2015.

BID Insight In response to the increased level of complex threat from cyberattackers, security firms such as Black Lotus, will need to continue to meticulously monitor the changing nature of such threats and accordingly step up the sophistication of their response. Black Lotus’ research team predicts that attackers will keep experimenting with different DDoS recipes to confuse security teams so that they can steal user credentials, confidential files and customer payment information. Cyberattackers often use DDoS attacks as a “smokescreen” or distraction for other criminal activity so organizations need to remain alert to all parts of their systems to guard against security breaches; and security practitioners need to tap sophisticated DDoS mitigation instead of padding networks with extra bandwidth. More than half of all attacks in Q2014 happened because of UDP flood attacks, which induce poor host performance or extreme network congestion as a result of high amounts of packets being produced and IP spoofing.

7. F5 Networks Launches a New Security Operations Facility

F5 Networks announced a new Security Operations Center (SOC) facility at its headquarters in Seattle to expand its work to 24/7 cloud coverage. The SOC provides customers who use the Silverline cloud-based application services with 24 hour access to expert F5 security staff who monitor international layer 4-7 attack activities in real time, 365 days a year. The SOC will quickly shut down phishing sites, maintain up-to-date global threat intelligence, detect and mitigate DDoS attacks and analyse malware. F5 SOC services can be rapidly activated to support F5 WebSafe, F5 MobileSafe and DDoS protection.

BID Insight In-house security teams experience the twin challenges of cost and complexity as they manage security across traditional and cloud environments. In addition, it is increasingly challenging for research teams to be continuously up-to-date on the latest attacks and protection measures. F5 Networks intends that its new SOC will help alleviate and eradicate these challenges by creating a 24 hour service that provides visibility and context into security threats from a highly specialized team of researchers and analysts. Jerry Stalick, Vice President of Security Operations at F5 Networks, explained that the intention behind the SOC is to “detect attacks in the cloud before they arrive at our customer’s site, and block those attacks further away from the destination.”

8. Bit9 + Carbon Black Announces Its Expansion into EMEA

Bit9 + Carbon Black, who provide endpoint threat prevention, detection and response, announced this week the launch of its new Channel Partner Accreditation Programme and its expansion across the UK, Nordics, Benelux (Holland, Belgium and Luxembourg), and the Middle East. The company is opening a new local office in the UK and trebling its local staff there, in addition to expanding its European channel program by 25% and offering a new accreditation program to specialist security partners such as managed security service providers (MSSP) and value-added resellers (VAR) who can provide services using Bit9 + Carbon Black’s products. Across 2014, Bit9 + Carbon Black’s customer base grew by 66% and it increased channel sales worldwide by 310%. Its goal is to triple revenue in Europe across 2015.

BID Insight Bit9 + Carbon Black merged in 2014 in order to provide a total integration solution for advanced threat endpoint prevention, detection and response. Bit9 + Carbon Black’s rapid growth is fuelled by highly accelerating demand for next-generation endpoint security solutions to help protect against advanced threats versus network-only security models. Companies are realising that their endpoints – i.e. point of sale devices (PoS): servers, desktops, laptops and fixed function devices – are the primary target for cybercriminals rather than the traditional network target. Endpoint security solutions allow enterprises to not only stop attacks from happening, but also to detect when they have been compromised and respond immediately. Bit9 + Carbon Black claim to be the only cybersecurity company able to provide the whole security package – prevention, detection and response; the new accreditation program offering Incident Response services to its partners allows them to move up the value chain by offering the more secure services provided by Bit9 + Carbon Black to their customers.

9. Pluribus Networks and Appcara Partner to Improve Cloud-Based Apps

Pluribus Networks has announced a partnership with Appcara, a provider of multi-cloud and application automation services, with the intention of enhancing its cloud-based application management offering for cloud service providers and companies. It begins with the availability of Appcara’s App360 multi-cloud and application automation platform on Pluribus Networks’ F64 Network Computing Appliance. App360 allows companies to use and manage enterprise applications in any cloud or multicloud environment; in addition to offering real-time visibility, analytics and control over enterprise applications. Pluribus Networks’ F64 Network Computing Appliance offers users open-source software, powerful server components and merchant silicon switching to provide sophisticated network analytics, control over cloud services and software-defined fabric and L4-7 network services. The combined products offer users complete software-defined network and application capabilities in one plug-n-play appliance.

BID Insight Companies are adopting cloud at a fast pace, but the paucity of end-to-end visibility and control in real-time has led many organizations to stall moving their critical enterprise apps into the cloud as quickly as expected. Enterprises need to be able to deliver and manage their application workloads across multiple clouds and have complete visibility and control while doing so. Pluribus Networks’ advanced networking and analytics combined with Appcara’s cloud and application automation abilities enables that kind of management control to happen efficiently and reliably. Users gain access to network statistics, the chance to control bandwidth in real time, a simple user interface to accelerate applications into multi-cloud environments via the App360 portal, and an App Marketplace with over 60 pre-packaged applications. The partnership between Appcara and Pluribus Networks gives users the control, along with the application level network statistics they need to efficiently run any application workload, from simple to highly-distributed, in the cloud.

10. Alibaba Partners with Xiaomi in Wearable Payments

Alibaba’s finance arm, Alipay, has partnered with China’s largest domestic smartphone maker Xiaomi Inc. to co-develop mobile payment systems using wearable technology. An Alipay Wallet mobile app will link with Xiaomi’s Mi Band smart fitness bracelet, which connects with the identity of the user so he or she can make wireless payments using the wristband without the use of a password or identity card. They also intend to offer other wireless services through the bracelet, such as paying for cinema tickets or opening hotel room doors. The Alipay-Mi Band link will be made available for Android mobile operating systems and the next version will be compatible with Apple’s iOS, so that the device can be paired with various smartphones. Alipay and Xiaomi have ensured the bracelets will have an encrypted link so all payment data is transmitted via Bluetooth, thereby avoiding security challenges associated with near-field communications (NFC) wireless technology, which has been attacked over its vulnerability to theft and cyber attacks.

BID Insight Tech companies in China have been dreaming of an emergent technology that will replace wallets for some time, and the announcement this week between Alipay and Xiaomi marks the first time that this goal has begun to be a reality. China has the world’s most mature mobile payment market: last year, users processed 6 trillion yuan (US$960 billion), five times higher than the figure for 2013. Alipay currently dominates the market, however, it increasingly faces competition from Tencent, which launched its own mobile payment service last year for its 440 million users. Xiaomai is also venturing into internet finance more and more. Last month, it launched a mobile wallet system that pays users interest on the money transferred to it.

Scroll to Top