Inside the World of Hacker Reconnaissance
The inventor of the telephone, Alexander Graham Bell, once stated, "Before anything else, preparation is the key to success." Unfortunately, it appears that attackers launching DoS/DDoS attacks have embraced this line of thought and invested their efforts in reconnaissance and meticulous preparation during the "pre-attack" phase. Drawing from attacks handled by our Emergency Response Team (ERT), Radware recently conducted research on the ways in which pre-attack planning and detailed preparation dramatically increase the potency and success rate of attacks.
Stock Exchanges in the Line of Fire
During last week’s RSA conference in San Francisco, I gave a lecture titled "Stock Exchanges in the Line of Fire – Morphology of Cyber Attacks." Based predominantly on my experience as part of Radware’s Emergency Response Team (ERT) that provides 24/7 DDoS attack mitigation support, I focused on three specific topics:
New Attack Trends – Are You Bringing a Knife to the Gunfight?
Today, we launched our 2012 Global Application and Network Security report. It was prepared by our security experts – the Emergency Response Team (ERT) – who’ve seen their fair share of cyber attacks while actively monitoring and mitigating attacks in real-time. In this year’s annual report, our experts have uncovered several new trends in cyber-security worthy of a closer look.
Security Week Article: The Missing Layer Against Encrypted Attacks
I recently contributed another column to Security Week about attackers launching attacks over HTTPS more than ever before. With an increased level of encrypted traffic on enterprise networks, attackers are taking advantage of this blind spot within the organization’s security model.
Social media services and online financial services have become targets. Most will employ different layers of defense for an encrypted attack. However, this approach will not be effective if an attack includes an availability-based threat vector such as a Denial of Service attack or zero-day advanced threats.
This is because processing an encrypted attack consumes more system resources than processing non-encrypted data. As a result, an attacker is able to make a big impact even at relatively low rates of requests per second. The solutions that can decrypt the traffic can only detect the known low-rate attacks rather than the unknowns (zero-day).
To really help mitigate an attack such as this, a network needs to include another layer: network-wide attack protection.
I share my thoughts on what an organization needs in order to successfully handle these threats and invite you to read this column to learn more about it. You can also tweet about the column to share it with your followers.
Security Week Article: The Need for Resource-Aware Mitigation Technology
Recently, I wrote an article for Security Week on the growing need for security solutions to manage under-the-radar attack tools before they wreak long-term havoc on the network. When first hearing about another lethal DoS (denial-of-service) attack, the first thing that comes to mind is the volume of traffic attackers sent to take down a service, or to flood a victim’s network. Realizing a more “affordable” solution, attackers are now favoring techniques that require very few resources and can slowly occupy a victim’s machine until the resources are spent.

