By now you have probably heard about Brickerbot, Hajime, and the growing problem of Internet of Things (IoT) botnets. This round-up will provide you with a number of comprehensive resources to bring you up to speed.
Breaches of personal data have big consequences. Ask any user of Ashley Madison. Ask executives at Sony. Ask Hillary Clinton’s campaign. And, as we learned from the recent Wikileaks dump, all those private messages you’re sending may not be so private.
So, if you had to choose, who would you rather have view what is on your phone? The government? Or your significant other?
Happy New Year! Another year has come and gone in the blink of an eye. 2016 brought with it several interesting threats and attacks in the cyber-security space, among them the largest DDoS attack in history, the enslavement of Internet of Things (IoT) devices by botnets, the rise of cyber ransom and more – all of which we have dutifully reported here on the Radware Blog.
You, our readers, are what drive our dedication and commitment to industry insight. So what did you think of 2016? We’ve compiled a list of the top 5 blogs you most loved from last year.
There has been much talk in 2016 about the Darknet, a dangerous place where illicit or underground activities are conducted, made up of many digital marketplaces where items can be bought or sold for cryptocurrencies. It sounds like the stuff of crime novels, and in a way, it is – commodities like drugs, guns, and cyber-attack services can all be found if you know where to look. The blogs below from ERT Researcher Daniel Smith provide more information on what exactly the Darknet is, how to access it, and what can be found there.
Unless you have been living under the proverbial rock, you probably heard about a number of Internet of Things (IoT) attacks this fall, beginning with KrebsOnSecurity, then OVH, then the DDoS attack on Dyn DNS. All of this started with a bot called Mirai, and involved IoT devices. Why is this important? By 2020, the number of connected devices is expected to grow exponentially to 50 billion. A survey by HP indicates that about 70% of these devices have vulnerabilities, making them the perfect targets for botnets like Mirai.
In 2015, we made a number of predictions for the upcoming year. One of the bigger predictions was that we would see the continued rise of ransomware and RDoS (ransom-denial-of-service) attacks. When we look back at the year, we were right – 56% of companies we surveyed reported being threatened in this manner.
Because these attacks have become so prevalent, it’s important to understand the motives behind them, and how to protect your organization. Below is a round-up of some of our most popular blog posts to bring you up to speed on this threat:
How much someone is willing to pay in a ransom attack varies greatly by age, with younger consumers likely to pay more.
That’s one of the findings in a new study among over 2,000 U.S. adults conducted online on behalf of Radware by Harris Poll. It’s not a great sign after a year when ransom attacks locked up patient records at hospitals and disabled MUNI ticket machines in San Francisco. The attacks included ransomware, ransom DDoS, and other threats designed to extort money from unprepared organizations. Many variants arose, including Locky and Petya, which propagate through spam emails and phishing, respectively; Samas, which exploits webserver vulnerabilities; and Cerber, which imitates an Adobe Flash player update.
Who is to blame when hackers take control of thousands of internet-connected devices to carry out a DDoS attack?
That’s what security researchers have been asking since the Dyn attack hamstrung dozens of major websites in October. Using the Mirai malware, hackers harnessed 100,000 internet-connected devices in a DDoS attack that reportedly reached 1.2 Tbps. Those devices, from cameras to DVRs, are often consumer-owned, and we wanted to see what consumers thought of their devices being co-opted for these attacks.
We asked them where they’d point fingers if their devices are compromised and used as part of an IoT botnet.
Security executives have a lot on their plate. They’re grappling with a new breed of cyber-attacks, financially-motivated cyber assailants, and a bevy of new, connected devices (both corporate and employee) that bring unintended security risks to their organization.
But it’s not all doom and gloom. C-level executives are relying on new technologies and best practices to fight fire with fire. They’re turning to former enemies for help, getting more bang for the buck, and relying on automation to safeguard their organization’s most critical information assets.
We’re fast approaching the biggest holiday shopping season for retailers. Just how big? According to the National Retail Federation’s annual consumer spending survey, consumers plan to spend an average of $935.58 each this holiday season in 2016. What’s more, 41% of consumers plan to start their shopping this month. Every year, consumers entrust their financial and personal information (everything from credit card data to home addresses) to retailers both big and small. But are these stores doing enough to keep their customers’ data safe?