Do Hackers Have It Easy?

Hackers got it easy. At least, it feels like it. They are in a growing “industry” with many, almost endless, targets to choose from. They have access to new tools and techniques, services that make it easy for them to launch an attack and lots of information and personal data at their fingertips. All of that is available today on the Darknet, and you don’t need to be a sophisticated hacker to get access and start “enjoying” it all.

In this past year, they’ve taken it a huge step further – Internet of Things (IoT) botnets.  Hackers are taking control of all those relatively insecure IoT devices out in the world and leveraging them to create even more powerful, more sophisticated attacks.  These recent IoT threats have spawned the largest DDoS attacks in history, propelling the market into the 1Tbps DDoS era.

These hackers are leveraging Burst attacks and Advanced Persistent DDoS (APDoS) campaigns to launch multi-vector, blended campaigns that combine high volume network vectors with sophisticated, application-layer attacks.

So, yes, it does feel like hackers got it easy.

That’s not the case for the rest of us – the good guys – trying to stay protected and keep our networks, applications, and information secure.

[You might also like: 2017’s 5 Most Dangerous DDoS Attacks & How to Mitigate Them (Part 1)]

We have a challenge to keep up with these hackers and continuously evolve protections.  Protecting from the “common” DDoS attacks is no longer enough.  You need to ask yourself if your organization is prepared to handle Ransom DoS (RDoS) attacks, DNS Water Torture attacks, SSL floods, APDoS, application layer attacks and more.

When choosing a DDoS protection solution, make sure it can protect from these threats. This requires a dynamic solution that can keep up with constant changes in attack types and provides full coverage from all forms of DDoS attacks.  Go for more automated solutions that leverage behavioral-based and machine-learning based algorithms and rely less on rate-based technology or humans for signatures and static protection.

Radware has invested time and resources in understanding this market – understanding how hackers operate, what tools they use and how they use them, understanding where attacks are today and how they are going to evolve in the future.  With our leading behavioral-based DDoS technology and experienced security researchers in our Emergency Response Team (ERT), we are staying on top of these new threats.

Today, we are excited to introduce the ultimate IoT-botnet killer platforms with our new DefensePro product line – uniquely built to overcome both the complexity and scale of today’s sophisticated IoT-based botnets by providing behavioral-based DNS protection; in-the-box, patented SSL attack mitigation and Burst attack protection.

So don’t compromise on your DDoS protection.  Get familiar with these top threats – IoT botnets, DNS, SSL and Burst attacks – and make sure your security solution can effectively protect you.  You can learn more about these top threats by reading “Top 9 Threats Your Organization Must Be Prepared For“ and get a closer look at evolving threats from botnets, Web Scraping and IoT zombies in Radware’s “When the Bots Come Marching In” ebook.