CHI-NOG 2016 Recap

A few weeks ago I had the honor of presenting at the Chicago Network Operators Group (CHI-NOG) conference about the current DDoS Threat Landscape and some of the tools people are using to attack networks today. It was the sixth iteration of the event, which continues to grow in size and content, and the second time that I have been fortunate to present about DDoS. Radware was pleased to be a sponsor of the event this year.


2016 Summer Olympics: In The Crosshairs

As the 2016 Summer Olympics approach, the cyber community turns its attention to the crowds and target-rich environment created by this high-profile sporting event. Over 500,000 attendees to Rio de Janeiro are expected to consume record-breaking connectivity volumes. This enormous demand will pose a security challenge for service providers as the 2016 Summer Olympics have the potential to be one of the most vulnerable sporting events in modern history and will provide cyber criminals with numerous opportunities.

Cyber criminals focus on identity theft by deploying malicious software designed to harvest and steal personal information. Technologies designed to enhance the spectator experience also pose challenges. Internet Service Providers (ISPs), sponsors, online merchandise stores, gambling websites, hotels, and even federal and city administration networks are potential targets. Each has a different threat scenario based on the vector of attack.


Was There a DDoS Attack on Pokemon Go or Not? Does It Really Matter?

Pokemon Go launched recently on July 6 with an overwhelming response from fans and players signing up in unprecedented numbers. By July 12, there were over 21 million active users who had downloaded the game to their phones to catch Pokemon like Pikachu and Charmander.

Of course, with the massive influx of players to the game, there were connectivity issues. Potential players could not create accounts and afterwards, they were only logging into the game intermittently. This is most likely due to the game’s designers not properly predicting the number of people wanting to play and scaling out the appropriate pieces of the infrastructure including the registration servers, authentication servers, and application servers.


5 Cyber Attack Developments Worth Your Attention

Are you concerned about being targeted?

I am. As an IT person, it’s hard not to be afraid when cyber attackers are always one step ahead of you. And, they have been quite busy this year, DDoSing, spreading malware, ransoming and doxing. I’m sure the stories have filled your newsfeeds.

The Bigger Picture

To understand what’s happening in the threat landscape, we need to put aside the headlines for a moment and focus on the bigger picture. There are five interesting trends that have implications for the way we perceive security, both as organizations and as individuals.


Malware and Botnet Attack Services Found on the Darknet

Over the last several months we have explored a number of attack marketplaces along with the different tools and services offered on the Darknet. In this post we are going to take a deeper look at the different malware and botnet services found on the Darknet.

A botnet is a collection of compromised computers that are often referred to as zombies, slaves, or bots. These devices are infected by malware that allows the attacker to ultimately control the compromised computers. The owner of a botnet is often referred to as a “herder” and is able to control the infected devices through covert channels such as Internet Relay Chat (IRC), which allow the attacker to issue commands. These commands, entered into the Command and Control (C&C) server, tell the bots in the botnet what to do, such as performing denial of service attacks, sending spam with ransomware attached, or stealing information.


Cloud-Based or Provider-Managed DDoS Mitigation: Which is Right for Your Organization?

Two facts are changing how companies think about DDoS mitigation: Attacks are more frequent than ever and are increasingly easy to initiate from anywhere in the world.

Simply put, the days when firewalls and a large enough pipe to the internet were enough to protect your network have long since passed. Any organization or website is a potential target, and with high odds of a given attack flooding homegrown defense tactics, most companies are moving their mitigation tools offsite. The cost of downtime – upwards of $9,000 per hour for small businesses and $690,000 for large companies – is just too great to risk going it alone.


Early Attack Activity Forcing New Thinking in Healthcare IT/Security

Every year when we conduct our survey for the Global Application & Network Security Report, one of the more interesting things to observe is how different industries are viewing the threat landscape. Changes such as technology adoption within an industry tend to create new points of vulnerability, which quickly become the targets of malicious actors looking to exploit these new-found points of access. This year has been a particularly eye-opening year for the healthcare industry, which has seen a rash of recent attacks targeting its increased reliance on technology and networked data, often through the tactic of ransom attacks.

The increase in ransom attacks was one of the many interesting angles we saw within the inputs of the healthcare industry through our survey. Others provide additional insight into the areas where IT and security practitioners in the space have more or less concern, or feel either exposed or more or less secure.


Threat Alert: Bitcoin Exchanges and Websites Experiencing DDoS Attacks

Over the last several months, our ERT Research team has noticed a growing trend of attackers targeting Bitcoin exchanges and websites that deal with Bitcoin directly. These websites are increasingly becoming the target of denial of service campaigns for a number of reasons. First, they are mainly targeted by extortionists, but they are also experiencing attacks from competition and user aggression.

Bitcoin-related sites attract a lot of attention and demand from their users, but this also plays against them. This dedicated user base requires instant access and live updates about market conditions and the current value of Bitcoin. When these services go down, thousands of users are left locked out of their accounts, which can result in reputation damage or financial loss for their users. This is also why extortionists choose to target these sites; not only do they have Bitcoin on hand, but some are not willing to go offline even for a moment due to the fear of losing clients.
