Your company has reason to believe that it may be attacked in the near future or recently has come under attack. The main questions that come to mind:
– How do I know if the attackers will be successful?
– How can I test my environment myself for expected attacks?
Throughout the history of mankind, whether in warfare or crime, the advantage has swung between offense and defense, with new technologies and innovative tactics displacing old doctrines and plans. For example, the defensive advantage of the Greek phalanx was eventually outmaneuvered by the Roman legion. Later, improvements in fortifications and armor led to castles and ironclad knights, until the invention of gunpowder made them obsolete. In the 20th century, fixed fortifications and trenches were rendered outdated by highly mobile armored forces. In all these examples, the common denominator is that one side’s tactical advantage spawned new ways of thinking among its opponents, eventually degrading that advantage or reversing it completely.
What do local car dealers, hospitals and banks all have in common? At first glance, not much. However, all of them have become recent hacker targets. Why now when other, much larger corporate entities have traditionally been targets? One word – resources. Their resources, both network and personnel, are stretched thin. With the increased complexity and length of Distributed Denial-of-Service (DDoS) attacks, it’s a struggle for all organizations, let alone small and medium businesses. The 2016 State of SMB Security Report found that half of the 28 million small businesses surveyed were breached in the past year. Verizon cited, in their 2017 Data Breach report, that 61% of data breach victims were businesses with less than 1,000 employees.
In a recent Light Reading webinar, Principal Heavy Reading Analyst Jim Hodges and I discussed the growing need for Managed Security Services. DDoS attacks are becoming increasingly sophisticated and complex, lasting more than 24 hours in some cases. The attacks aren’t limited to specific industries or company sizes anymore, and push stretched internal IT resources to the breaking point. The 0s and 1s that flash through service provider networks are equally vulnerable. Attackers don’t care where the data is coming from…they’re looking for vulnerabilities they can exploit for money. The days of hacks focused on large retail organizations like Target and Home Depot are behind us. Merck and Co., a large U.S.-based pharmaceutical firm, was one of several global companies impacted by a massive global attack. Don’t let these hacks bring your customers’ network down.
Over the years Radware has followed the evolution of DDoS attacks directed at the gaming industry. For the industry, large-scale DDoS attacks can result in network outages or service degradation and has become an everyday occurrence. In 2016 Lizard Squad and Poodle Corp launched repeated attacks against EA, Blizzard and Riot Games, resulting in service degradation and outages for users around the world.
This blog discusses active research from Radware’s ERT research team regarding a DDoS for Ransom campaign.
This is a preliminary report and will be updated accordingly.
Over the past four years, communications service providers (CSPs) have taken measurable strides to migrate network functions and applications to the cloud. And while we are not there yet, it’s clear that the cloud will drive the future of service innovation. However, in my view, the very definition of service innovation is also extended in the cloud environment.
A prime example in my mind is the expansion of managed services to a cloud managed services model which drives profound business and technical change. While this cloud managed services model continues to be defined in real time, it’s readily apparent that cloud-based managed security services will play a prominent role.
The Risk DDoS Attacks Pose to Enterprises
Denial of Service attacks affect enterprises from all sectors (e-gaming, Banking, Government etc.), all sizes (mid/big enterprises) and all locations. They target the network layer up through the application layer, where attacks are more difficult to detect since they can easily get confused with legitimate traffic.
A denial of service attack generates high or low rate attack traffic exhausting computing resources of a target, therefore preventing legitimate users from accessing the website. A DDoS attack can always cause an outage, but often they have the stealth impact of slowing down network performance in way that enterprise IT teams do not even realize the network is under attack and simply think the network is congested, not knowing the congestion is actually caused by an attack.
The idea of an Internet of Things (IoT) botnet is nothing new in our industry. In fact, the threat has been discussed for many years by security researchers. It has only now gained public attention due to the release and rampage of the Mirai botnet. Since Mirai broke the 1Tbps mark in late 2016 the IoT threat has become a popular topic of conversation for many industries that utilize connected devices. Not only are companies worried about if their devices are vulnerable but they are also worried if those devices can be used to launch a DDoS attack, one possibly aimed at their own network.
Distributed Denial of Service attacks, commonly called DDoS, have been around since the 1990s. Over the last few years they became increasingly commonplace and intense. Much of this change can be attributed to three factors:
