Danish telecom operator TDC’s Security Operation Centre has recently discovered a new attack technique in the wild dubbed BlackNurse that allows a single laptop to DDoS a high-bandwidth enterprise firewall. Paul Calatayud, CTO at FireMon commented below.
Paul Calatayud, CTO at FireMon: “On certain types of firewalls, this attack requires that the firewall be misconfigured. Device configuration and firewall compliance should be a core requirement for any enterprise. A big part of mitigating threats and attacks is often basic approaches that – at scale – can be difficult or inconsistent. Configuration management is one such example; while it may not be as interesting as other cyber defence strategies, when done effectively, it is vital in terms of optimal cyber defence posture. This latest research once again proves that enterprises should never underestimate the value of firewall configurations done properly.”