Protecting distributed branch office environments from ransomware
As ransomware becomes more sophisticated, detection tools should be upgraded to cover every site and location
Sponsored Feature Ransomware gangs that steal and encrypt vital business data before extorting payment for its decryption and restoration are ramping up global attacks at an ever-increasing rate. In fact, cyber security experts agree that ransomware now represents one of - if not the most - serious cybersecurity threats currently facing governments, public/private sector organisations and enterprises around the world.
The serious scale of the threat posed by ransomware attacks in the UK, Europe and globally was bought into sharp focus by the UK House of Commons/House of Lords Joint Committee on the National Security Strategy in its December 2023 report, A hostage to fortune: ransomware and UK national security. The report did not mince its words, stating: "Past attacks have shown that ransomware can cause severe disruption to the delivery of core government services, including healthcare and child protection, as well as ongoing economic losses."
So it seems clear that organisations in verticals including government, finance, healthcare, education, retail energy transportation and manufacturing might need to boost the measures they employ to protect their infrastructure against ransomware. Huawei aims to do just that, having unveiled its new HiSec SASE Solution - designed to deliver cloud-network-edge-endpoint integrated intelligent protection and provide consistent security assurance for both enterprise headquarters and branch offices - at last month's Mobile World Congress in Spain.
Leon Wang, president of Huawei Data Communication Product Line, described how the HiSec SASE Solution branch network security solution is applicable to a wide range of scenarios such as remote office, multi-branch networking, and endpoint security protection, and is ideal for safeguarding the digital-intelligent transformation of industries such as government, finance, and large enterprise.
"Today, the proportion of enterprises around the world accessing public cloud services through the Internet has reached 60 percent," he said. "Enterprises are undergoing a shift from enforcing centralised access to services through the headquarters data centre to allowing branches to directly access services on the cloud."
"But although the headquarters has sufficient devices and personnel for security protection, branches often implement weak security protection for limited resource investment. As such, it has become an urgent need to upgrade the security defence capabilities."
99 percent of network-wide security events handled in seconds
Wang pointed to the HiSec SASE solution's 'second-level, rapid' threat handling, detection performance and ransomware prevention capabilities as evidence these security defences can be consistently delivered at the branch office level. To maximise the effectiveness of its threat handling ability the HiSec SASE solution references more than 8000 security inference rules and intelligent matching algorithms for example, so it can automatically handle 99 percent of network-wide security events within seconds says Huawei.
According to the manufacturer, HiSec SASE delivers 'industry-leading' detection performance by using an all-in-one intelligent converged security gateway to enable on-demand loading of security capabilities. Equipped with four unique security engines — adaptive security (ASE), encryption and decryption, pattern matching, and hardware acceleration — Huawei estimates this gateway delivers threat detection performance which is up to 50 per cent higher than the industry average.
"Huawei's endpoint security system, leveraging cloud-edge-endpoint collaboration, achieves 100 per cent detection of ransomware attack and one-click file recovery from ransomware," the company stated in its press release. "This system is especially important today, as the number of ransomware attacks worldwide increased by 37 percent year-on-year in 2023 and threats from ransomware continue to grow."
The platform is said to boast four key 'intelligent' features. The first of these is described as intelligent operations, which implement unified management, orchestration, and response, resulting in a claimed 50 percent reduction in Operating Expenditure (OPEX). The second feature, intelligent orchestration, allows for container-based on-demand loading of security features and resource utilisation of over 70 percent, added Huawei. Thirdly the solution's intelligent lossless feature utilises Adaptive Forward Error Correction (A-FEC) to ensure smooth video playback even with up to 30 percent packet loss, said Huawei. Last but not least comes the intelligent response feature, which includes continuous dynamic detection, real-time backup and recovery of encrypted files, and zero packet loss.
No loss network experience
The HiSec SASE solution is built to offer what Huawei calls 'on-demand loading of key security capabilities such as IPS, anti-DDoS, URL, and application identification, and flexible resource scheduling, to enable consistent network-wide security protection'. Its intelligent threat analysis, automatic threat handling, threat response, and secured access capabilities combine to help ensure that once a threat is detected on one node, the detection result is immediately synchronised to the entire network within seconds to deliver network-wide immunity. Intelligent Operations and Maintenance (O&M) features also help to detect threats in real time and deliver 99.5 percent automatic handling of security events, adds Huawei. In addition, free mobility of network and security policies is designed to provide a high-quality network experience with no packet loss.
A key component of the Huawei HiSec SASE security solution is the All-in-One Intelligent Security Gateway, a 'new-generation' desktop firewall tailored for small enterprises, industry branches, and chain business organisations. The gateway integrates routing, switching, and security protection capabilities, alongside support for LTE and PoE which can help reduce CAPEX by up to 30 percent, according to the manufacturer. With the built-in Adaptive Security Engine (ASE) and on-demand loading of software packages - including enhanced DDoS mitigation and cryptojacking prevention – the platforms' security capabilities can be flexibly orchestrated and loaded on demand to simplify the deployment of effective branch security.
Working with the HiSecEngine USG6500F-DL Series All-in-One Intelligent Security Gateway to deliver that all important centralised management is the iMaster NCE-Campus – billed as Huawei's 'next-generation autonomous driving network management and control system for campus networks'. This is designed to integrate management, control, analysis, and Artificial Intelligence (AI) functions that can be combined to provide full-lifecycle automation of campus networks. Intelligent fault closure is also implemented through network digital maps, big data analytics and AI.
The threat posed by organised criminal ransomware gangs is alarming, which might make the recent launch of Huawei's new SASE solution an especially interesting proposition for global businesses. There are many recent examples which highlight ransomware's terrible impact on organisations. These include attacks on Distributions Services (the UK Royal Mail's parent company) and aerospace giant Boeing in 2023 which were attributed to an international criminal outfit calling itself LockBit, as well as the attack launched by cybercrime group DarkSide on US oil infrastructure provider Colonial Pipeline in 2021.
Clean up costs can run into tens of millions of dollars, and simply doing nothing in the face of an escalating threat is simply not an option. Huawei's HiSec SASE Solution could be the first step to taking positive action.
Sponsored by Huawei.