‘The Art of Cyber War’ at Black Hat 2014 in Sao Paulo

0
325

This week I’ll be attending the Black Hat Conference in Sao Paulo (… my first time in Brazil and I’m really looking forward to it!) and I was given the exciting opportunity to discuss some of the latest cyber-crime trends that we’ve seen at Radware.

Cyber-attacks have become so prevalent that nearly every online business, financial service, government agency, or critical infrastructure is a likely target.  In fact, a case can be made that cyber-attacks are not just a powerful option for perpetrators, but they have risen to become a desirable weapon in their caches.

A weapon is right.  A routine choice for hacktivists, cyber-attacks seek to leverage the impact of conflicts and social protests.  A recent example of this is the Anonymous group joining the Occupy Wall Street protesters by launching attacks on major financial institutions in New York.  Other attacks, like those on Sony® and other companies affiliated with the copyright industry, have also been used as revenge as part of Operation Mega-Upload.

In an era where cyber-attacks have become a main-stream and permanent tactic in perpetrating cyber-crime, social protests, and cyber war, organizations need to implement a security solution which can overcome a litany of emerging risks.

Join my upcoming seminar "The Art of Cyber War" at Black Hat on November 25th as we analyze why recent cyber-attacks became so successful and also what layers of defense are required for your business to survive. 

Here’s an invite to register (in Portuguese) and a preview of the defense layers we’ll cover:

  • The Perimeter Layer – The need for a set of security modules that include Denial-of-Service (DoS) protection, Network Behavioral Analysis (NBA), Intrusion Prevention System (IPS), and Reputation Information.
  • Application Layer Security Risk Management
  • Application or Transaction Layer – This layer of security is defined at the ‘transaction-oriented’ or application-layer. It covers numerous areas of concern and in this layer the complexity of detection and mitigation rises and the need for premise-based technology becomes paramount.
  • Cloud Layer – The next layer of defense is defined at the ‘volume threat’ and is based in the cloud. Attackers flood the victim with a high volume of packets, consuming networking equipment resources or bandwidth resources.
  • People Layer – Possessing knowledgeable and specialized security experts who provide 24×7 instantaneous service to restore operational network and service status for customers facing DDoS attacks.

Companies that rely solely on ‘one-size-fits-all’ in-the-cloud managed security or an on premise security solution often cannot withstand coordinated attack campaigns.  Attackers are patient and persistent and can leverage multiple attack techniques like low & slow attacks.  These same attackers also use evasion techniques to avoid detection and mitigation such as SSL-based attacks or changing the page request in a HTTP page flood attack.  If there is one permeating, unending lesson learned on how to survive cyber-attacks, it is that modern day security teams need to be agile and crafty in combatting attacks.  Solutions that include a hybrid security approach offer the most comprehensive protection against all kinds of attacks. 

I look forward to sharing more attack types and attack prevention tips at Black Hat during this seminar and also at Radware Booth #240.  Stop by and see our team!

LEAVE A REPLY

Please enter your comment!
Please enter your name here