Monday, 11 February 2019

Russia prepares to disconnect its Internet

In December 2018, Russia passed a law mandating that ISPs must be able to disconnect the Russian Internet space (Runet) from the rest of the Internet, in case of foreign aggression. They also mandated that ISPs forward traffic to the Russia's telecoms watchdog for inspection.

The apparent preparations by countries such as Russia and China for cyberwar are concerning. Russia, China, Iran and North Korea, amongst others, can easily cut themselves from the rest of the global Internet to protect themselves. Western countries, such as the US and UK, are far less able to do this.

Saturday, 26 January 2019

Vulnerable Cisco routers


A recent The Register article describes some security flaws in the Cisco RV320 WAN routers.

https://www.theregister.co.uk/2019/01/26/security_roundup_250119/

Recently I've been asked, by customers, about running devices in their network that are now end of life and no longer supported by the vendor. Although these RV320 routers are not obsolete and security patches are therefore available, this is the sort of vulnerability that could cause a major problem if security patches are not available. I would therefore recommend that only vendor supportable infrastructure is deployed in a network, even if the devices only appear to be basic devices, such as a switch.