main

SecurityService Provider

Protecting Sensitive Data: What a Breach Means to Your Business

August 29, 2018 — by Mike O'Malley1

data_falling_data_leaks-960x576.jpg

Data breaches have made big headlines in recent years, from Target to Equifax to Hudson’s Bay Co’s Saks and Lord & Taylor.  But the growing trend is actually in all the litigation stemming from data breaches. International law firm Bryan Cave analyzed the increasing trend of legal action following data breaches of all sizes. It found that in 2016 alone, there were 76 class action lawsuits related to data breaches:

  • 34% were within the medical industry
  • 95% had negligence as the most popular legal theory
  • 86% emphasized the breach of sensitive data

Our own research supports these findings. Radware’s 2018 Consumer Sentiments Survey found that 55% of U.S. consumers stated that they valued their personal data over physical assets, i.e. cars, phones, wallets/purses. In addition, Radware’s C-Suite Perspectives report revealed 41% of executives reported that customers have taken legal action following a data breach. Consequences of data breaches have extended past bad press, and include lasting effects on stock prices, customer acquisition costs, churn, and even termination of C-Suite level executives.

[You might also like: Consumer Sentiments About Cybersecurity and What It Means for Your Organizations]

Types of sensitive data vary by industry and therefore have respective attack methods. For example, the finance and commerce industry are expected to protect data such as names, contact information, social security numbers, account numbers and other financial information. Likewise, the healthcare industry is at high risk of data breaches, as medical records contain the same personal data in addition to more details that aid in identity fraud – such as doctor and prescription records, medical insurance information, and individual health attributes from height and weight to blood type.

On the surface, data breaches fall under the jurisdiction of CISO, CTOs, etc., but CEOs are now just as likely to be held responsible for these incidents; Target’s then-CEO was forced to resign following its 2013 data breach.  Other CEO’s at Sony and Home Depot were no longer in their positions within 6 months of their high profile breaches.

Laws and regulations surrounding data breaches are now moving at a faster pace due to steeper consequences, with the implementation of the European Union’s General Data Protection Regulation (GDPR) and the United States’ growing interest and demand in data privacy and protection. Security at its bare minimum is no longer realistic, and instead a competitive advantage for smart companies. C-level executives who aren’t reviewing security plans are opening themselves and their companies to significant liabilities.

How does GDPR affect me?

The GDPR’s purpose is providing protection over the use of consumers’ personal data. Companies are now held to a higher expectation to protect their customers’ data, further emphasizing the evolving consideration of cybersecurity as a necessity in business. At its strictest, companies found not having done enough can be penalized upwards of €20 million or 4% of the offending organization’s annual worldwide revenue.

Although data breaches alone are months of bad publicity in general, the wrath of consumers often stem from the delayed notification and response from the company. Companies incur this fury when they attempt to keep a data breach hidden only for it to be uncovered, resulting in increased litigation costs. The GDPR now mandates and upholds companies to the high standard of notifying data breach-affected consumers within 72 hours.

Targeted for a Data Breach

In 2013, one of the most notable, mainstream headlines focused on the data breach of Minnesota-based, retail giant Target Corporation. During the holiday shopping season, Target revealed their mass data breach of personal information, of which 40 million customers had personal financial data stolen and 70 million had general personal data (such as email and addresses) revealed. Attackers were able to exploit the company’s customer database through a third-party vendor’s stolen credentials, utilizing malware as the weapon of choice; the same malware was later utilized to attack other retailers such as Home Depot. Hackers after the finance and retail industry still utilize malware like Target’s 2013 data breach to create pathways from minimally-protected 3rd parties into more complex systems.

At the end of the investigation, Target had to pay a fine of $18.5 million across the U.S. in addition to its cumulative legal fees of a staggering $202 million for the data breach. What goes unmentioned however, is also the potential cost of lost customers from these breaches, as well as the brand reputation decline. The company must also abide to new Terms of Agreements by various State Attorney Generals that include requiring Target to employ a security leader for the creation and management of a thorough information security program, in addition to other related guidelines.

The Early Bird Avoids the Attack

Target became a lasting example of the need for cybersecurity to be implemented within a company’s architecture and business processes. The topic of protecting customer data has become its own high-profile discussion across various industries, rather than just within the technology industry. Being proactive with not only the security surrounding the company’s products/services, but also the data it collects, will be a competitive differentiator moving forward.

Radware research found that 66% of C-Suite Executives across the world, believed hackers could penetrate their networks, yet little is changed to implement protections as exhibited by the graphic below.

[You might also like: Cybersecurity & Customer Experience: Embrace Technology and Change to Earn A Customer’s Loyalty]

Sensitive data across all industries are valuable, coming at different prices in the dark net market. As data breaches are becoming more commonplace, industries have to take different levels of precaution in order to protect consumers’ personal data. For example, the healthcare industry heavily utilizes encryption to protect data such as medical records and prescription history. However, attackers are also implementing encryption attack tools in order to access this information. It is crucial for the cybersecurity systems of these organizations to be able to distinguish between valid encrypted information versus attack information encrypted with SSL, in order to prevent a breach. A comprehensively designed network infrastructure that consistently manages and monitors SSL and encryption technology through its security systems can ensure protected network and data privacy.

Transitioning cybersecurity from the hallways of IT and embedding it into the very foundation of business operations allows an organization to scale and focus on security innovation, rather than scrambling to mitigate new threats as they evolve or worse, litigating expensive class actions. In addition, this proactive approach further builds customer relationships via improved trust and loyalty. Knowing that cybersecurity is a company’s and CEO’s priority will help the customer feel more at ease with potential partnerships and strengthens the level of trust between.

Read the “2018 C-Suite Perspectives: Trends in the Cyberattack Landscape, Security Threats and Business Impacts” to learn more.

Download Now

Attack Types & VectorsSecurity

Free DNS Resolver Services and Data Mining

August 22, 2018 — by Lior Rozen2

dns_resolver_services_data_mining-960x640.jpg

Why would companies offer free DNS recursive servers? DNS data is extremely valuable for threat intelligence. If a company runs a recursive DNS for consumers, it can collect data on new domains that “pop up”. It can analyze trends, build baselines on domain resolution and enrich its threat intelligence overall (machine learning and big data are often used here). Companies can also sell this data to advertisers to measure site ratings and build user profiles.

The DNS resolver market for consumers is ruled by ISPs, as well as some other known servers by Google (8.8.8.8) and Level3 (CenturyLink). Since Cisco bought OpenDNS in August 2015, it has also become a major player, offering DNS services for individuals and organizations with its cloud security platform, Umbrella. Cisco OpenDNS focuses on malware prevention, as well as parental control for consumers. Akamai is also involved in the market, offering both recursive DNS for enterprises (a rather new service, based on a 2015 acquisition of Xerocole), and authorizes DNS services for their CDN clients. In several publications, Akamai claims to see more than 30% of internet data and is using this data as an add-on feed to its KONA service.

[You might also like: DNS and DNS Attacks]

In the Fall of 2017, IBM announced its new quad 9 (9.9.9.9) DNS service. This security-focused DNS uses IBM’s threat intelligence to prevent revolving known malicious domains (and protect against Malware) with approximately 70 servers worldwide. It claims to offer decent speed, and IBM has promised not to store any personal information (PII). On April 1, 2018, Cloudflare came out with a new quad 1 resolver – 1.1.1.1– that focuses on speed. With more than 1,000 servers, it promises to be the fastest resolver to any location. Additionally, Cloudflare promises never to sell the resolving user data, and to delete the resolver logs every 24 hours. Several independent measurements have confirmed Cloudflare’s success on speed which is typically the fastest after the ISP resolver. The one issue with a large number of servers is diffusion time as quad 1 takes significantly more time than other DNS providers to update about changing DNS records.

Another DNS initiative is DoH – DNS over HTTPS. This is a new standard proposal which is reviewed as the encrypted version of DNS (like HTTPS to HTTP). The focus here is both on privacy and security as DNS requests are done over HTTPS to prevent any interception of the request. If a user is using a different DNS, the ISP can still track the clear-text DNS requests, log them, or override them to use its own DNS resolver. The DoH protocol prevents this. Two major cloud DNS recursive servers support this protocol – the recent quad 1 by Cloudflare and Google’s DNS, as well as some other smaller ones. Mozilla recently ran a PoC with native Firefox support for DoH which was described here by Ars Technica.

[You might also like: DNS Reflective Attacks]

As we’ve shown, the DNS continues to evolve, both as a spec and as a service. Companies continue to invest a lot of money in collecting DNS data as they see the value in it. While each company provides a slightly different service, most are looking to mine the data for their own purposes. In order to do that, companies will be happy to provide the DNS service for free and compete in this saturated market.

Read “Radware’s 2017-2018 Global Application & Network Security Report” to learn more.

Download Now

Security

Staying Ahead of the Threat Landscape

June 29, 2018 — by Haim Zelikovsky0

cybersecurity-statement-960x720.jpg

Radware fends off thousands of attacks on a daily basis, resulting in thousands of satisfied customers around the world. However, the evolutionary nature of the cyberattack threat landscape requires every defender to adapt to changing attacks that are continually increasing in frequency and complexity. Realistically, attackers need little knowledge or money to be effective. They can launch attacks via user-friendly tools and services made available via a prospering hacker community. This underground economy is blooming and innovative, with research and competition driving attackers and their tools to new heights.

Protecting against these evolving threats is a perpetual effort and breaches have become an unfortunate reality. Radware is focused on staying ahead of the threat landscape through dedication, technology advancement, and most of all, through the partnerships we build with our customers. It’s through our day-to-day collaborations, that we learn from our customers and further our technological capabilities in order to mitigate even the most advanced attacks. Radware values these long-term partnerships because they bring us innovation from real-world experiences and strengthen our defenses for the global community and greater good. Let’s keep up the good fight, together!

Read the “2018 C-Suite Perspectives: Trends in the Cyberattack Landscape, Security Threats and Business Impacts” to learn more.

Download Now

DDoSSecurity

It only takes 6,000 smart phones to take down our Public Emergency Response System?

June 28, 2018 — by Carl Herberger0

telecom-threats-960x601.jpg

There are fewer scenarios which illustrate an evildoer’s heart than those designed for mass carnage.

We are all familiar with the false alarm (human mistake) of the Public Emergency Broadcast system in Hawaii earlier this year, which wreaked havoc throughout the archipelago. However, do we realize how fragile our nation’s emergency communications are and how vulnerable it is to cyber-attacks?

DDoSSecurity

The Money Behind DDoS Managed Security Services

July 27, 2017 — by Mike O'Malley0

ddos-managed-services-1-960x480.jpg

In a recent Light Reading webinar, Principal Heavy Reading Analyst Jim Hodges and I discussed the growing need for Managed Security Services. DDoS attacks are becoming increasingly sophisticated and complex, lasting more than 24 hours in some cases. The attacks aren’t limited to specific industries or company sizes anymore, and push stretched internal IT resources to the breaking point. The 0s and 1s that flash through service provider networks are equally vulnerable.  Attackers don’t care where the data is coming from…they’re looking for vulnerabilities they can exploit for money. The days of hacks focused on large retail organizations like Target and Home Depot are behind us. Merck and Co., a large U.S.-based pharmaceutical firm, was one of several global companies impacted by a massive global attack. Don’t let these hacks bring your customers’ network down.

Attack Types & VectorsDDoSSecurity

Eliminating Single Points of Failure, Part 2

July 6, 2017 — by Louis Scialabba0

ddos-primer-part-2-960x640.jpg

The Risk DDoS Attacks Pose to Enterprises

What is the impact of a DDoS Attack?

Denial of Service attacks affect enterprises from all sectors (e-gaming, Banking, Government etc.), all sizes (mid/big enterprises) and all locations. They target the network layer up through the application layer, where attacks are more difficult to detect since they can easily get confused with legitimate traffic.
A denial of service attack generates high or low rate attack traffic exhausting computing resources of a target, therefore preventing legitimate users from accessing the website. A DDoS attack can always cause an outage, but often they have the stealth impact of slowing down network performance in way that enterprise IT teams do not even realize the network is under attack and simply think the network is congested, not knowing the congestion is actually caused by an attack.

Attack Types & VectorsSecurity

My Network has High Cholesterol

June 22, 2017 — by Ben Zilberman0

network-high-cholesterol-960x601.jpg

5 out of 6 businesses struggle daily with low profile DDoS attacks that consume their bandwidth and resources and pose a burden, resulting in poor service level and customer experience

You know how when you get to a certain age, feeling ‘good’ is not good enough? Well it might be good for your everyday life – obviously, you don’t need to extract the most out of your brain and muscles for the day-to-day to-do’s, but there is no guarantee that there is nothing there that negatively impacts your performance, or may be silently growing.

Security

We Hate to Say “I Told You So,” But…

May 17, 2017 — by Carl Herberger1

revised-predictions-960x640.jpg

Every year Radware sets forth predictions in our annual security report called Radware’s Global Application and Network Security report and, we might add, have achieved a very substantial track record of forecasting how the threat landscape will evolve.  After all, it is fun to predict what may happen over the course of a year in security.  The industry moves so fast and while some things do stay the course, it only takes one small catalyst to spark a new direction that nobody could have predicted.

Security

2017 Considerations before Buying an Attack Mitigation System

May 11, 2017 — by Carl Herberger2

buying-attack-mitigation-960x641.jpg

Managing the security of critical information has proven a challenge for businesses and organizations of all sizes. Even companies that invest in the latest security infrastructure and tools soon discover that these technology-based “solutions” are short-lived. From antivirus software to firewalls and intrusion detection and prevention systems, these solutions are, in fact, merely the most effective strategies at the time of implementation. In other words, as soon as businesses build or strengthen a protective barrier, the “bad guys” find another way to get in. Attackers are constantly changing their tactics and strategies to make their attacks and scams as damaging as possible.  The good news is that it appears that attacks and subsequent defenses are breaking down in categories which can be measured systematically. The following areas are of a particular concern as we look towards 2017-2018 planning for attacks:

Attack Types & VectorsSecurity

The offspring of two comic book giants bring us the Bot Squad! Super freaky!

May 9, 2017 — by Carl Herberger0

Radware_The_Bot_Squad-960x960.png

To state the obvious, two well-known comic book giants have lit the imaginations of generations of children. They brought to life the fantasy that humans could be ‘super’ or immortal, or somehow infallible.

Each in their own way combined fantastical combinations of humans with unreal, unbelievable and incredible skills.

In the category of vision enhancement alone, there are legions of characters who have developed themselves in a surreal way, for example, through X-Ray vision, or super-acute vision (something akin to a hawk). Other superheroes were gifted with night vision or even eyes that fired deadly laser beams. However, did you know that these characters dreamt up in comic books all have somewhat real world equivalents? Well, maybe not in people, but clearly in video surveillance systems of the future.