SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Infoblox: ANZ NetOps and SecOps teams need to work together
Mon, 24th Apr 2023

Infoblox is encouraging Australian and New Zealand cybersecurity organisations to join it in bringing together their networking and security teams to better protect themselves.

The move is intended to stress the importance of protecting enterprises in the ANZ region from cyber attacks and motivate businesses to act.

Infoblox believes that bringing NetOps and SecOps teams together can stop malware communications, pinpoint the source of threats and enhance performance and protection, noting this is achievable through the shared visibility, data context, automation and control that these technologies offer when combined.

CyberRisk Alliance's 2023 Global State of Cybersecurity report found 57% of Australian businesses have suffered at least one data breach in the past year, averaging a loss of $2 million per event.

In addition, recent Infoblox findings show 55% of Australian companies identified email or phishing as the top attack vector.

Infoblox has launched its new Lookalike Domain Monitoring capability in response to this.

This solution identifies sites that are trying to impersonate company brands, a technique that is growing in use to deceive partners and customers with phishing, malvertising, and similar attacks.

"As a best-of-breed DNS layer security solution provider in the ANZ region, Infoblox continues to pioneer advancements in the use of DNS as a source of unique threat intelligence and as a powerful enforcement point," says Scott Harrell, CEO & President of Infoblox.

"We are the first and only DNS Security vendor to protect against the use of lookalike domains by attackers.

"These attacks are increasing in sophistication and prevalence, making specialised solutions not just nice to have, but necessary to secure enterprises and their users."

Infoblox will be releasing a new lookalike domain report at the RSA 2023 Conference at the end of April.

One of the findings of the report is that while malicious actors are continuing to use lookalike domains, these techniques significantly advanced during 2022.

As we find ourselves in Q2 2023, Infoblox says that every sector is targeted, and this technique is a crucial component in complex cyber attacks, such as those that bypass multi-factor authentication (MFA) measures.

Infoblox's new Lookalike Domain Monitoring offering includes extra lookalike defences that protect against MFA spoofing attacks, which can come through email, SMS texts, and other digital communications.

It says this will keep employees safe from credential theft, which is the most valuable attack resource for threat actors.

Infoblox also acknowledges that recent disclosures have exposed the growing threat of targeted attacks impersonating MFA to deceive employees into providing their credentials, explaining that its new threat intelligence can spot threats as they come about to proactively protect users.

"We will be showcasing these and more at Infoblox Exchange coming to Sydney on May 25th 2023 and Melbourne on May 23rd 2023," says Scott Morris, Managing Director, Australia & NZ at Infoblox.

"Exchange is an annual Cybersecurity Event to help security professionals discover the many ways that Infoblox, our partners and customers are solving today's most urgent network performance and protection issues.

"It is happening in more than 20 cities across Europe, the Middle East/Africa and Asia Pacific."

Infoblox has also created technology capable of proactively identifying MFA lookalike activity that runs in tandem with its other Custom Lookalike Domain Monitoring solution.

The offering denies the connection at the DNS layer meaning users can confidently click on links in emails or SMS messages imitating their trusted MFA tools or MFA infrastructure without worrying they'll be compromised if these links aren't genuine.

Infloblox is also able to recognise suspicious and phishing lookalikes to customer-chosen monitored domains through refined algorithms and user experience.

This protects customers from spearphishing and brand abuse with alerts for suspicious activity that cater especially to their unique needs.

"Networking and security work better together when they share real-time visibility into application, user and device context," Morris adds.

"Real-time threat protection and more resilient network performance can only happen when networking and security work side by side.

"We can help enable NetOps and SecOps to work more efficiently by uniting their view of user context and DNS data so everything runs faster, works better, and is more secure.

"This also saves NetOps and SecOps time by uniting real-time user and device context, eliminating critical network and security bottlenecks."

Infoblox's cloud-first, consultative approach offers customers specific capabilities and actions that will help them craft more resilient networks and stop critical threats sooner based on their business needs.