With the growing online availability of attack tools and services, the pool of possible attacks is larger than ever. Let’s face it, getting ready for the next cyber-attack is the new normal! This ‘readiness’ is a new organizational tax on nearly every employed individual throughout the world.
The last several months have been historic by any measure. U.S. banks and financial institutions around the world have come under cyber-attacks at a high rate. We’ve seen everything from DDoS attacks to waves of ransomware.
So, why was this? Is it because they didn’t have enough resources or serious professionals dedicated to program management? Not likely. The true answer is a bit more uncomfortable, but worthy of exploration.
Managing the security of critical information has proven a challenge for businesses and organizations of all sizes. Even companies that invest in the latest security infrastructure and tools soon discover that these technology-based “solutions” are short-lived. From antivirus software to firewalls and intrusion detection and prevention systems, these solutions are, in fact, merely the most effective strategies at the time of implementation. In other words, as soon as businesses build or strengthen a protective barrier, the “bad guys” find another way to get in. Attackers are constantly changing their tactics and strategies to make their attacks and scams as damaging as possible. The good news is that attacks and the subsequent defenses appear to be breaking down into categories that can be measured systematically. The following areas are of particular concern as we look towards 2017-2018 planning for attacks:
Mike Geller from Cisco’s CTO office and Ehud Doron of Radware’s CTO office presented at Cisco Live Berlin 2016 the revolutionary concept of Network-as-a-Sensor to fight DDoS attacks.
There are two approaches to detecting DDoS attacks: on-premise (also sometimes called in-line) and cloud (out of path). When a DDoS protection solution is deployed on-premise, organizations benefit from an immediate and automatic attack detection and DDoS mitigation solution. Within seconds of the start of an attack, the online services are well protected and the attack is mitigated.
The cybersecurity industry keeps us all on our toes trying to keep up with solutions and breakthrough technologies – not only in advanced security capabilities, but also with state-of-the-art methods of management and integration with other network security elements.
You want your security elements to play together in a well-synchronized manner. You wouldn’t want to have to intervene frequently to make manual adjustments, would you?
DDoS attacks have become a mainstream topic, frequently in the news with coverage in major news outlets around the globe, from ABC News to ZDNet and most in between. Attack campaigns by groups like Anonymous, DD4BC, Lizard Squad and LulzSec have become dinner conversations in many homes, and online businesses have been struggling to keep pace with the evolving threat landscape.
When meeting with companies newly looking into protection from DDoS attacks, it’s a common occurrence that they have no idea they’ve already been attacked. Certainly, a healthy number of companies that come to Radware looking for help are those that have been hit by large attacks. They either had no solution in place or found that the solution they had was ill-equipped. Also not uncommon are organizations that have been threatened by attacks through some kind of ransom-based threat. Naturally, these evaluations occur under some urgency and duress, making it challenging on both sides.
Zeus Kerravala is founder and principal analyst of ZK Research, and is a featured guest blogger.
The topic of cyber security is always near the top of any business or IT leader’s priority list. In my years as an analyst and prior to that, an IT leader, I’ve never seen more focus on security than I do today. Over the past few years we have seen a rash of high-profile breaches in organizations like banks, Ashley Madison, the Office of Personnel Management, and Target. These organizations spend tens of millions of dollars trying to protect their organization, yet they fail.
The attacks that get the most news coverage have dramatic names that make for compelling headlines. You can practically feel the intensity of brute force or volumetric DDoS attacks. These attacks target layers 1-4 of operator networks, the layers where data is moved around in the network. But there’s a troubling blind spot in legacy network security solutions that enables hackers to go deeper into the operator’s network – all the way through to Layer 7, the application layer.
If you own, operate, or even consume a carrier-grade communications network, it’s a safe bet you are under attack right now. Attack motivations and attack tactics may vary, but one consistency is that high-profile, sophisticated attacks on carrier networks are increasing – in both number and severity. Attackers are getting in and causing slow-downs in network speed and performance, service outages and worse.