Amity Secures Its Campuses with New Cyber Alert System

The system enables them to collect attack data from its ATP sensors installed across 11 national and international Amity locations to create a security bulletin report of attack trends.


  Cyber threat is one of the biggest issues for any organization. And hence every organization today has some security measures in place to be able to fight against the emerging threats and safeguard their networks. However, there are very few, according to Dr JS Sodhi, the CIO of Amity University, who manage to parse attack data and use these insights to steer clear of similar threats in future. Amity University wanted to create a platform that analyze data real-time from across different types of attacks, on a national level. The IT department of the university conceptualized the project called NCAS to deflect attacks including targeted malware threats to Amity’s IT Infrastructure, and to generate a real-time alert of attacks. They wanted to collect malware and attack logs and do research on them and bring Intelligence to be able to forecast future attacks. National Cyber Alert System They developed Advance Threat Protection Sensor (ATP-Sensor) technology in-house by the CCFIS Forensic Team. ‘National Cyber Alert System is a project in which we collect data from all ATP sensors installed across the globe (at 11 national and international Amity locations) and create one security bulletin report including attacks and malware trends,’ says Dr JS Sodhi, VP & CIO, Amity University. The sensors while successfully deflecting targeted attacks captured around over 500 malware and 20 lac attacks to their network. ‘These malware were sophisticated enough for the regular antivirus solutions to capture,’ says Sodhi. This sensors they deployed, which works differently from traditional appliances, safeguards their network by deflecting targeted attacks from actual networks to virtual decoy monitored servers. ‘Installing this sensor on actual production environment can block up to 70% of targeted attacks,’ Sodhi claims. The appliance can simulate different services including http, https, ftp, ssh, and more. The device can simulate over 100 servers, web applications and users. ‘Whenever an attacker tries to intrude a network, the admin will be presented with two different networks. One will be the original production environment network and another will be the virtually monitored decoy of that network, say Sodhi. To analyze the attack data, the malware analysis team - consisting of analysts, reverse engineers, programmers, ethical hackers and forensics experts, tried to decrypt malware by deploying them on live environments to monitor behavior analysis, which was then followed by the recommendations of business intelligence team. Strategic benefits ‘All their campuses are now safe with the deployment of ATP Sensors under the national alert system. The reports that they generate from the logs help CIOs and CISOs to take informed decisions related to security of IT infrastructure,’ says Sodhi. The ATP sensors offer peace of mind for IT admins and end users. This helps them reduce downtime and the stress of losing critical data anytime. It also helps to save their software and hardware from harm caused by security breaches. It ensures users stay on task and do not deviate from set norms. There are always certain regulations in place that are set to improve efficiency. This solution helps in regulatory and internal policy compliance by logging and proactively monitoring diverse information across the enterprise in real-time. The solutions deployed perform predictive threat modeling and simulation to prioritize the multitude of vulnerabilities. It also helps in automatically monitoring and alerting on policy violations. Future plans The university intends to start another project titled ‘Ring of Fire (RoF)’ where they will replicate the NCAS project to national level. They plan to install it on different ISPs and block targeted and general attacks before they even enter the network. They will do reverse engineering of every captured malware to find out the intentions of the attack. ‘We will launch a real-time online forum where we will release updates as soon as our ATP sensors detect any attack, in a graphical real-time map,’ says Sodhi.


Around The World