Privacy, vulnerability and reliability are the three main issues almost every connected device currently on the market faces, yet consumers are still choosing to automate their homes at an incredible rate.
In 1957 the Monsanto House of the Future was constructed at Disneyland in Anaheim, California. This house was constructed by Monsanto, Massachusetts Institute of Technology and Walt Disney Imagineers to provide visitors with a tour and an idea of what future homes might look like in 1986.
Design concepts in the Monsanto House of the Future included Ultrasonic dishwashers, a central panel for a zone-controlled climate system, bathroom vanities with a push button headset, closed circuit television receivers for security and built-in stereo systems. Simply put, the smart home of the past was the idea of mechanically automating everything with a push of a button.
Most of my life has been centered around architecture and design. Both my grandfather and great grandfather were architects and during my childhood I spent a lot of time in and around their buildings.
On February 27th Radware noticed an increase in activity on UDP port 11211. As other organizations began to disclose a trend in UDP amplified attacks over UDP port 11211, Radware’s ERT Research team and the Threat Research Center began preparing for the inevitable. With a Bandwidth Amplification Factor (BAF) ranging between 10,000x and 52,000x, we knew that due to this exposure and publication that attackers would be quick to adopt this method and could easily reach volumes well over 500Gbps.
Change is inevitable and it happens in every industry. Those that evolve with change often help lead the transformation and revolutionize their domain. In 2016 we began to enter the era of digital transformation in our industry and changes have begun to take place that are revolutionizing the way we consume, collect and deliver data to every aspect of society. Along with these changes have we seen the creation of new businesses and opportunities centered around this evolution in connectivity. Digitization is creating growth opportunities and offering user experiences in ways we have never seen before.
As the 2018 Winter Olympics in PyeongChang approaches, Radware’s Emergency Response Team (ERT) and Threat Research Center turn their attention to the large crowds and target-rich environments created by high-profile events once again. With over 1.07 million tickets available for 102 events over 16 days, spread out across two clusters and containing a total of 12 venues, the crowds at the 2018 Winter Olympics will bring a large demand for connectivity. This enormous demand for connectivity and technology at the Winter Olympics will also pose a security risk for Olympic organizers, partners, sponsors, suppliers, service providers, athletes and attendees.
2017 has been another eventful year for denial-of-service attacks. Radware’s ERT team has monitored a vast number of events, giving me ample opportunities to review and analyze attack patterns to gain further insight into trends and changes in the attack vector landscape. Here is some insight into what we have observed:
More than half of all internet traffic is bot-driven. That means, if you have a website, you have experienced bots in one way or another. Bots are automated software that interacts with your website for a number of different reasons, both in a legitimate and illegitimate way.
The growth of DDoS-as-a-Service has resulted in a wide array of powerful and affordable DDoS services available to the public. Since the beginning of 2016, Radware’s ERT Research division has been monitoring a number of services available on both the clear and the darknet. These off-the-shelf attack services have been used to launch DDoS attacks on a number of industries including ISPs, media, financial service companies and online gaming. These services are commoditizing the art of hacking by making it possible for novices with no experience to launch large scale attacks.
Darknet markets are nothing new but they have grown considerably in popularity since the highly publicized take down of the Silk Road marketplace in October of 2013. Since then users around the world have flocked to these sites in search of drugs and other illicit services. Due to the high demand and availability for these items many marketplaces began to spring up across the Darknet. Most of these marketplaces feature drugs, but after the Silk Road takedown, marketplaces began offering items Silk Road wouldn’t allow. These items included weapons, credit cards and other malicious services like malware, DDoS-as-a-service and data dumps.