main

BotnetsMobile DataMobile SecuritySecurityService Provider

IoT, 5G Networks and Cybersecurity: The Rise of 5G Networks

August 16, 2018 — by Louis Scialabba2

rise-5g-networks-iot-cybersecurity-960x640.jpg

Smartphones today have more computing power than the computers that guided the Apollo 11 moon landing. From its original positioning of luxury, mobile devices have become a necessity in numerous societies across the globe.

With recent innovations in mobile payment such as Apple Pay, Android Pay, and investments in cryptocurrency, cyberattacks have become especially more frequent with the intent of financial gain. In the past year alone, hackers have been able to mobilize and weaponize unsuspected devices to launch severe network attacks. Working with a North American service provider, Radware investigations found that about 30% of wireless network traffic originated from mobile devices launching DDoS attacks.

Each generation of network technology comes with its own set of security challenges.

How Did We Get Here?

Starting in the 1990s, the evolution of 2G networks enabled service providers the opportunity to dip their toes in the water that is security issues, where their sole security challenge was the protection of voice calls. This was resolved through call encryption and the development of SIM cards.

Next came the generation of 3G technology where the universal objective (at the time) for a more concrete and secure network was accomplished. 3G networks became renowned for the ability to provide faster speeds and access to the internet. In addition, the new technology provided better security with encryption for voice calls and data traffic, minimizing the impact and damage levels of data payload theft and rogue networks.

Fast forward to today. The era of 4G technology has evolved the mobile ecosystem to what is now a mobile universe that fits into our pockets. Delivering significantly faster speeds, 4G networks also exposed the opportunities for attackers to exploit susceptible devices for similarly quick and massive DDoS attacks. More direct cyberattacks via the access of users’ sensitive data also emerged – and are still being tackled – such as identity theft, ransomware, and cryptocurrency-related criminal activity.

The New Age

2020 is the start of a massive rollout of 5G networks, making security concerns more challenging. The expansion of 5G technology comes with promises of outstanding speeds, paralleling with landline connection speeds. The foundation of the up-and-coming network is traffic distribution via cloud servers. While greatly benefitting 5G users, this will also allow attackers to equally reap the benefits. Without the proper security elements in place, attackers can wreak havoc with their now broadened horizons of potential chaos.

What’s Next?

In the 5G universe, hackers can simply attach themselves to a 5G connection remotely and collaborate with other servers to launch attacks of a whole new level. Service providers will have to be more preemptive with their defenses in this new age of technology. Because of the instantaneous speeds and low lag time, they’re in the optimal position to defend against cyberattacks before attackers can reach the depths of the cloud server.

2018 Mobile Carrier Ebook

Discover more about what the 5G generation will bring, both benefits and challenges, in Radware’s e-book “Creating a Secure Climate for your Customers” today.

Download Now

Attack Types & VectorsSecurity

From BrickerBot to Phlashing, Predictions for Next-Level IoT Attacks.

May 2, 2017 — by David Hobbs0

iot-predictions-960x394.jpg

When BrickerBot was discovered, it was the first time we’ve seen a botnet that would destroy an IoT device, making it unusable. We’ve had cameras in the lab for our research on the Mirai botnet, so one was volunteered to be the guinea pig. Watching our beloved research lab’s IP-enabled camera turn into a useless paperweight was somewhat bittersweet. We knew BrickerBot v1 aimed to destroy insecure IoT gear, and this was validation. We had to either take it apart and solder a serial connection to it to re-flash it, or just spend the $60 on a new one to continue our IoT botnet research.

SecurityService Provider

The Economics of Cyber-Attacks

April 4, 2017 — by Mike O'Malley0

economics-of-cyber-attacks-960x640.jpg

How to Provide State of the Art Protection against Real World Threats

We live in a world where increasing numbers of complex cyber breach tools are available on the Darknet. But what is the Darknet and how do we protect against it? The Darknet is an anonymous and obfuscated section of the internet where criminals can exchange information, tools and money to carry out attacks with little or no traceability. The Darknet provides a service marketplace where criminals can do many of the same things that law-abiding citizens do every day. Criminals search the internet (anonymously). They exchange emails with other criminals and prospective customers, they read news on the latest opensource tools available to perform effective attacks. They even have an online marketplace where cyber-attack services can be ordered and placed into your online shopping cart. In fact, a Darknet marketplace recently advertised $7,500 to rent the now notorious Mirai botnet – the same botnet used to generate a several hundred gigabit multi-vector attack that took down the services of Amazon, BBC, HBO, Netflix, PayPal, Spotify, and many others in October 2016.

DDoSSecurity

Rise of the Machines: How IoT broke the Internet, and the day after tomorrow

October 26, 2016 — by Zeina Zakhour1

internet-of-things-2-2-960x640.jpg

If you are reading this, you are back on Twitter, listening to your favorite music on Spotify, watching Netflix and you can finally breathe!

Yes, the massive DDoS attack targeting Dyn’s DNS service provider almost broke the Internet, and we are still in the aftermath.

Although the forensics analysis are still ongoing, we do know that this attack integrated at least one botnet of Internet of Things (IoT) devices.

This attack follows two large scale DDoS attacks launched in September that used the same methodology: infecting an ‘army’ of IoT devices to knock down victims’ services.

Attack Types & VectorsSecurity

Darknet 101: An Introduction to The Darkest Places Online

April 27, 2016 — by Daniel Smith11

darknet-101-2-960x640.png

In my last blog, I talked a little about the general principles of the cyberattack marketplace.  Today, we will take a closer look at the Darknet. There is so much talk these days about the Darknet. It’s the stuff of crime novels – a hotbed of criminal activity where anything can be bought and sold.

While that is true, the Darknet also provides an anonymizing layer to journalists and activists around the world who fight for the freedom of information and privacy. It is often a place where they can securely and anonymously communicate with their contacts.

Attack Types & VectorsSecuritySSL

When Trends Collide – Ransomware and IoT Attacks Continue

March 8, 2016 — by Ben Desjardins0

ransomware-iot-attacks-2-960x693.png

A highlight of the annual Global Network & Application Security Report is always the deep case studies. Each year, we work closely with a customer that has made the difficult, but admirable decision to shine a light on their experiences as a victim of a cyber-security attack.  By sharing, these customers can help others prepare for what now is sadly an inevitable experience for many companies.

DDoSSecurity

Your Internet or Your Candy

March 2, 2016 — by David Storch0

internet-or-candy-2-960x629.png

David Storch is a Product Manager and Principal Consultant at Atos and a featured guest blogger

According to the UK’s The Telegraph, ‘eight out of ten parents with children aged 14 or under say restricting their offspring’s use of gadgets is their preferred form of discipline because it stopped them from communicating with their friends. Youngsters saw having their tablets and phones taken away as the worst method of punishment.’

Attack Types & VectorsSecuritySSL

Could Your Network Survive APDoS or Hit-and-Run DDoS?

February 25, 2016 — by Ben Zilberman2

beyond-volumetric-attacks-sharks.png

Can you guess where a network breach first occurs?

When a CISO asked this question during a recent business trip my answer was simple:  “Sure! In the first line of defense.”  Trying to improve my chances, I quickly added, “You know what, it’s when employees share on social networks and unintentionally provide puzzle pieces to potential perpetrators.”

“No,” he said. “It happens in the CISO’s mind. At the very moment they feel secure enough…”

Security

Is the Public Cloud the Ultimate Cyber-Attack Tool?

January 21, 2016 — by Yotam Ben-Ezra0

public-cloud-cyber-attack-2-960x549.jpg

On January 2nd 2016, the BBC suffered from a cyber-attack that targeted all of its applications.  This attack resulted in unavailability for at least 3 hours.  It was also claimed that this DDoS Attack was over 600 Gbps – the largest DDoS attack ever recorded. The group claiming responsibility for the attack was New World Hackers and various articles have been published with one of the group members providing interviews about the incident. One of the main claims was that it was performed using Amazon by bypassing Amazon’s security measures and using administrative privileges.

SecuritySSL

Is Your Organization Prepared for Cyber Attacks? The 2015-2016 Global Application & Network Security Report

January 19, 2016 — by Shira Sagiv3

is-your-organization-prepared-2-960x640.jpg

Few organizations are well prepared when it comes to cyber-attacks.

Blending statistical research and front-line experience, and with more than 20 industries represented, Radware’s new 2015-2016 Global Application & Network Security Report reflects this.  The report outlines findings and analysis from our 2015 industry survey, reflects our Emergency Response Team’s (ERT) in-the-trenches experiences fighting cyber-attacks, and incorporates the perspectives of two 3rd party service providers.