Microsoft Skype Hit By Alleged DDoS Attack, Causes Connectivity Challenges

Microsoft has confirmed an outage in its Skype offering, which caused connectivity issues earlier this week and is allegedly the result of a Distributed Denial of Service attack.

Skype users started complaining about connectivity issues on Monday, with hours of downtime. The issues continued into Tuesday, with users losing connectivity and having trouble exchanging messages on the communications platform. The outage appeared to primarily affect Europe.

It is not clear if the connectivity issues affected just the consumer Skype application, or also Skype for Business.

[Related: Massive DDoS Attack On U.S. College Throws IoT Security Into The Spotlight — Again]

Microsoft confirmed the issues with the service in a Tweet and on its blog, saying Monday that they were “aware of an incident where users will either lose connectivity to the application or may be unable to send or receive messages. Some users will be unable to see a black bar that indicates them that a group call is ongoing, and longer delays in adding users to their buddy list.” On Tuesday Microsoft updated the blog post to say it was “seeing improvements” but some users still were having issues with the service and the company was “working on that.”

Microsoft further updated the blog on Tuesday, saying it had made “some configuration corrections and mitigated the impact.”

“We are continuing to monitor and we will post an update when the issue is fully resolved,” Microsoft said.

Microsoft did not confirm reports at the time that the outage was the result of a DDoS attack. A hacker group, called CyberTeam, claimed responsibility for the attack in a tweet, saying “Skype Down by Cyberteam.”

Michael Goldstein, president and CEO of LAN Infotech, a Fort Lauderdale, Fla.-based Microsoft partner, called the incident “pretty scary,” assuming reports of a DDoS attack were true. He said it is concerning for small and medium businesses if a company as large as Microsoft can be hit by such an attack.

“It is definitely showing how the bad guys, how the dark side, is still looking to push [against big companies],” Goldstein said.

Goldstein said his company views Skype for Business as a “critical product” for both its own business and for its clients. He said he hopes Microsoft is working to bolster its Skype for Business product, as well as its consumer Skype product, against further attacks.

The reports of a DDoS attack against Microsoft come just a few months after a massive DDoS attack on Dyn caused significant Internet outages on the East Coast. The incident took down many popular websites, including Twitter and Netflix, as well as more than 1,200 other sites. The attacks in the October attack came from devices infected by the Mirai botnet – a malware that was revealed earlier in the month and spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords.

Related:

  • No Related Posts

CRN Exclusive: Demisto Launches First Partner Program As Market For Security Automation Heats Up

Demisto is doubling down on the channel, announcing on Wednesday the launch of its first partner program as the market for security automation and orchestration heats up.

The new Nucleus Partner Program has two tiers: silver and gold, which are based on sales volume and number of trained sales engineers. The company has also rolled out provisions for deal registration, incumbency on expansionary and renewal sales, first right of refusal on professional services, pre- and post-sales training, and high-margin pricing for partners.

The new program is led by Bob Kruse, who joined the company in April as vice president of alliances. Kruse comes to Demisto from Optiv Security, where he was vice president of partner solutions until March. Kruse said the program will provide the foundation for Demisto to “build a lot of momentum and quickly.”

[Related: 2017 Security 100: 20 Coolest SIEM And Threat Detection Vendors]

“This is something that is great for us, but it is also great for our channel,” Kruse said. “The channel is already experiencing the same [growth with us].”

Tera Davis, managing director at Plano, Texas-based Critical Start, said she is seeing demand grow for security automation and orchestration solutions, especially as customers look to improve their security operations centers. She said Critical Start already has a couple of customers doing proofs-of-concept with Demisto’s technology.

“We’re continuing to grow as a company, and a company like Demisto is a great addition to our portfolio,” Davis said.

Davis said the new partner program is “really nice,” highlighting the margins, deal protections and opportunities to work together on deals.

“It shows that they are focused and committed to the channel, especially in their early stage,” Davis said. “We are looking forward to having a strong partnership.”

The program isn’t Demisto’s first foray into the channel. The Cupertino, Calif.-based company already worked 100 percent through the channel prior to the launch and does not sell direct. The company first started its engagement with the channel in August, but was mostly “opportunistic and not strategic,” co-founder and Vice President of Marketing Rishi Bhargava said. He said the addition of Kruse and the launch of the new program will help scale Demisto’s go-to-market and make engagement with the channel more strategic.

Related:

CRN Exclusive: Dave DeWalt Joins Security Startup Illusive Networks As Vice Chairman

As it looks to stake its claim in the emerging market for deception technology, Illusive Networks has landed a big executive win, announcing Monday the appointment of well-known security industry executive Dave DeWalt as its vice chairman of its board of directors.

DeWalt is well-known in the security industry, most notably as the former CEO of security giants McAfee and FireEye. Since leaving FireEye last year, DeWalt has joined the boards of directors of multiple security startups, including ForgeRock, Claroty, and ForeScout Technologies, as well as Israeli cybersecurity think tank and venture creation firm Team8.

In an exclusive interview with CRN, DeWalt said wanted to join Illusive Networks because of the company’s technology, which he said solves a key problem around attack detection and attribution. The New York City-based company’s Deception Everywhere solution uses an agentless approach to “turn the tables on attackers” by installing decoy data onto laptops, desktops, servers, data centers and more to root out attackers already in the environment.

[Related: 2017 Security 100: 25 Coolest Network Security Vendors]

“It feels a little bit like FireEye did early on,” DeWalt said. “This is the first technology I’ve seen that really gives us more time to detect [and track attackers for attribution]. That’s why I liked [the technology] and liked the company and decided to get involved at a higher level,” DeWalt said.

The market for deception technology is an emerging category in security, with Gartner predicting that by 2018 around 10 percent of enterprises will be using the technology. DeWalt’s appointment is the latest win for Illusive Networks in the space, following on the announcement of a strategic investment by Microsoft Ventures and multiple large client additions. CEO Ofer Israeli said DeWalt’s experience would help as Illusive Networks looks to continue that growth trajectory.

“Dave’s in-depth understanding and insight into the cybersecurity landscape will prove invaluable as we continue to grow and advance our client base,” Israeli said in a statement. “We’re delighted to have gained Dave’s support and look forward to working with him to protect corporations against the next generation of cyber attacks.”

DeWalt said he will look to bring his background taking younger companies and taking them to scale, with particular focus on growing the company’s sales and go-to-market strategy. He said he will also look to help Illusive Networks get more investments, form more industry partnerships, scale sales, and generally grow the company.

“My opinion is you will see a lot of this type of technology deployed in the next three to five years,” DeWalt said. “We will try to grow the company from small, like I did at FireEye, and grow it to something really big.”

A key part of that growth will involve leveraging DeWalt’s experience working with partners, he said, adding that the company’s technology is a perfect add-on and differentiator for a VAR’s endpoint security offerings. Illusive Networks hired its first channel chief in November 2015, appointing former Palo Alto Networks and Extreme Networks exec Tracy Pallas to lead its 100-percent channel strategy.

Related:

CRN Exclusive: SonicWall Hires Former VMware Exec As First Chief Security Officer

SonicWall is expanding its executive lineup and security expertise with the appointment of former VMware executive Sandra Crosswell as the company’s first chief security officer/chief information security officer.

Crosswell has a long background in information technology, including tech support, engineering, management and more. Most recently, she led the InfoSec Red Team at VMware as senior manager.

Crosswell officially started in the role, a new one for the Santa Clara, Calif.-based company, in March.

[Related: SonicWall’s Pataky: We’re A ‘100 Percent Security, 100 Percent Channel’ Company]

In an exclusive interview with CRN, Crosswell said she believes her technology background, project management and experience working with companies in M&A make her a good fit for the role. At SonicWall, which just spun out from former parent company Dell in November, Croswell said she aims to help build up the company’s internal and external security strategy.

“I’m excited. I’ve been given the opportunity to build a greenfield security program, to build one from the ground up,” Crosswell said. “You couple that with huge sales momentum, the ability to influence product features with the CSO lends, the leadership team and the values – I just knew I was going to grow in this environment and that was a compelling reason to pick SonicWall as my next move.”

Michael Goldstein, president and CEO of LAN Infotech, a Fort Lauderdale, Fla.-based SonicWall partner, said the appointment of someone with Crosswell’s expertise in security to the CSO/CISO role is “great.” He said he expects that experience will help the company develop out its products and professional services.

“I think this is a good thing that will only make us better as a partner,” Goldstein said. “SonicWall is one of our major security providers, so if they are pushing forward in security, it only makes things better for us.”

Michael Knight, president and CTO of Greenville, S.C.-based Encore Technology Group, agreed, saying the CSO role and Crosswell’s appointment will help boost SonicWall’s position as a thought leader in the security industry.

“As a partner, we very much look to our partners to continue to have security thought leadership and provide strong intellectual capital within their organizations so we can continue to partner well together and drive value in this space. Adding someone of her caliber is certainly going to assist in the customers’ view of SonicWall as a strong security player,” Knight said.

Related:

Varonis Exec: User Behavior Analytics Helps Protect Unstructured Data

Owen Lamb, Manager of Sales Engineering at New York City-based software solution provider, Varonis Systems, spoke with CRNtv about why data protection should be a top priority at companies today.

“All you really have to do is turn on the news with all of the breaches that are happening these days,” said Lamb. “The majority of them are related to unstructured data, so email systems, files shares, etc.”

He explained that the high number of breaches that have happened in the past few years underscores the importance of the data protection issue many companies are facing.

“There are definitely some challenges with the underlying management of those systems because it’s become very burdensome to monitor,” said Lamb.

The growth of data companies have seen in the last decade has made it all the more challenging for IT departments to keep track of it all.

“Our focus at Varonis is simply to better enable companies to get a handle on the challenges they are facing and help them prioritize their clean-up efforts.”

Lamb also said that automation is playing a key role in the heavy-lifting that comes with data management.

Related:

One Year Of Kevin Mandia: Partners Say FireEye Is Evolving Under New CEO, But Still Has Work To Do

When Kevin Mandia became CEO of FireEye one year ago, the company was in bad shape.

After jumping to the top of the market with its pioneering sandboxing technology, FireEye was struggling. The company faced increased competition, a faltering channel strategy and a high price point for its offerings.

With those headwinds, Mandia took the reins from then CEO Dave DeWalt.

Mandia had joined FireEye in 2014 after the then security high flyer acquired the company he founded Mandiant Corporation. In a decade as CEO, Mandia had built Mandiant into a $100 million security services powerhouse.

[Related: Q&A: FireEye CEO Mandia On His One-Year Anniversary, Partner Milestones And Work That’s Left To Do]

FireEye’s stock was down a whopping 60 percent year over year to $16.05 when Mandia officially took the helm on June 15, 2016. Today – one year to the day that he began his tenure as the new CEO – FireEye’s shares closed down for the day 18 cents to $14.99.

At the time of his appointment, Mandia said he wanted to usher in the “next generation” of FireEye, with a roadmap for innovation and partnerships to take the company beyond its on-premise sandbox appliance roots to what he called a “hybrid everywhere security company.”

“We are on that journey and that started Day 1 for me,” Mandia said in a recent interview with CRN. “The minute I got to the helm, it was about innovating out of the sandbox into a real security company.”

That evolution took place in two parts. On the innovation front, Mandia championed a vision at FireEye that included separating data analysis from the appliance itself – a process it called MVX separation –, endpoint security, and an integrated platform approach that the company now calls Helix.

FireEye also needed to repair its broken relationship with the channel, which stemmed from confusion around services competition from the Mandiant acquisition. Partners at the time complained about an unclear delineation between solution provider and direct sales.

Mandia responded quickly hiring a new head of worldwide sales – Bill Robbins- who made changes to how FireEye works with partners, including creating clear swim lanes, a new pricing structure, and plans for channel-ready products.

Related:

Q&A: FireEye CEO Mandia On His One-Year Anniversary, Partner Milestones And Work That’s Left To Do

One Year In

When Kevin Mandia took over as CEO of FireEye a year ago, the company was ready for a change. Over the past year, the company has rolled out new technology – including its Helix platform – and pushed to repair its damaged relationship with the channel. The ultimate goal, Mandia told CRN, is to get FireEye on a path away from its on-premises sandbox roots to a full-fledged, cloud-based security company. In an interview with CRN around the anniversary of his June 15 start date in the role, Mandia talked about what he feels the security vendor has accomplished in the past year, the changes it has made, and what work remains to be done. Take a look at what he had to say.

Related:

Palo Alto Networks Execs: The Security Market Is Ripe For Disruption

In a market defined by disruption, Palo Alto Networks executives said the security market is ready for yet another shakeup.

“The vendor landscape is going to be totally different than what you use here today,” said Palo Alto Networks co-founder and CTO Nir Zuk. “We’re getting to a point where it’s just becoming very, very clear that we cannot keep going or keep going the current route we’re on in terms of investment in the industry.”

The signs that the market is ready for disruption are there, Zuk said in a keynote at Ignite 2017 in Vancouver, Canada, this week. Zuk pointed to astronomical spending on security R&D and venture capital for a marginal impact to security effectiveness, increasing challenges in consuming security technology, high data demands for effective machine learning, and requirements for frequent updates as reasons the market is ready for disruption.

[Related: 5 Hot Happenings From Palo Alto Networks Ignite 2017]

Palo Alto Networks is looking to create that disruption, just as it did with the next-generation firewall market, said Zuk. The company is looking to disrupt the way cybersecurity is consumed, with deployment of a single agent on each endpoint, network and service for a Software-as-a-Service application, then layered with independent security services connected to the platform leveraging a single data set and threat intelligence. To build this, the Santa Clara, Calif.-based company launched an Application Framework, allowing third-party developers to build on its platform, as well as new cloud-based services.

“Cybersecurity has to become a set of services that you consume, rather than a set of technologies that you deploy on-premise,” Zuk said. “This is the disruption. … We’re going to completely change the way you consume cybersecurity.”

Palo Alto Networks President Mark Anderson said this shift is required as companies continue to lose the battle against attackers with an inefficient and ineffective security model. Vendors need to adopt a new consumption model to address this and make new security products easier to consume as services on top of a platform, he said.

“All of this innovation has to be able to be consumed. This is what’s fundamentally wrong,” Anderson said. “We have to make it easier to consume the innovation that our industry is cranking out.”

Partners said they also see the need for a security market disruption. Andy Segal, president of Albertson, N.Y.-based Vandis, said customers are maturing. They are looking for deeper analytics and faster response times to combat an increasingly more sophisticated adversary, he said.

“I think that the market is evolving and maturing. You can’t stay exactly where you are. You have to evolve and mature with the market,” Segal said.

Related:

Former Massachusetts AG Martha Coakley: ‘We Can’t Be Afraid Of New Frontiers Like Cloud’

Martha Coakley, a partner at Kelly and Hoag LLP and this year’s keynote speaker at the Mass Bay Security Summit in Wellesley, Mass., calls the use of cloud in enterprise an “educational issue.”

Coakley, who served two terms as Middlesex district attorney and two terms as the state’s attorney general. likened the ability to code today with people learning to read and write after the invention of the printing press. She said that it’s important to stay abreast of the changes being made in technology to use them to our advantage.

“So much of what we do and are able to do is based upon this language and the capabilities that it gives us. You don’t have to be a computer or IT expert to understand the basics of it so that you can use it and not be afraid of it,” said Coakley.

She admitted that with cloud computing comes some risk, but that when it is used and “cared for” correctly, it can do far more good than harm.

“This fear of the unknown has been true for any new form of technology over the years, and I think that having a common sense approach will allow us to employ our native intelligence and balance the potential threats with the many benefits,” she said.

At the Summit, she encouraged audience members, saying they shouldn’t be afraid of new technologies and where they might take us.

Related:

5 Hot Happenings From Palo Alto Networks Ignite 2017

What’s New From Palo Alto Networks

Palo Alto Networks looked to up its security game across the board at its Ignite 2017 event in Vancouver, Canada, this week, rolling out new technology products, partnerships and venture capital investments. The investments aim to upend the current security status quo in multiple areas, bringing in new talent and redefining what a security platform should look like. The changes build on a massive update Palo Alto Networks rolled out to its platform earlier this year, adding new features across its full technology set with the PAN-OS 8.0 update. In a Tuesday keynote at the event, Executive Vice President of Product Management Lee Klarich said the changes propel Palo Alto Networks to the next generation of security, one based on platform security and subscription services.

“Security can’t stand still. Innovation has to continue,” Klarich said. Take a look at five things Palo Alto Networks announced at its event this week.

Related: