Availability, or the big “A”, is often the overlooked corner of the CIA triad. Perhaps a contributing factor is the common belief among security professionals that if data is not available, it is secure. Corporate executives have a different opinion, as downtime carries a hefty price tag. While today’s corporate risk assessment certainly covers availability, it is focused on redundancy, not on security. Penetration tests, themselves a result of the corporate risk assessment, also fail to test the security of availability. In fact, pen testing and vulnerability scanning contracts specifically avoid any tests which might cause degradation of service, often leaving these vulnerabilities unknown until it’s too late. Availability is commonly handed off to network engineering, which designs and builds resilient networks. Common risk mitigations in this arena include redundant power, internet links, routers, firewalls, web farms, storage, and even geographic diversity through the use of hot, warm and cold data centers. You get the picture; there is a ton of money invested in building network infrastructure to meet corporate availability requirements.
In April 2017, we conducted a global survey of C-suite executives. All respondents represent organizations with at least $250 million (or the equivalent) in annual revenue. Our goal: to understand their greatest challenges, threats and opportunities when it comes to cyber security.
Most organizations cannot rely solely on on-premise solutions because of the volumetric aspects of DDoS attacks. Multi-gigabit attacks cause on-premise connection lines to fill up, and organizations to go offline. Vulnerabilities with CDNs also pose limitations for organizations. On-premise and cloud-based solutions offer protections that most ISPs are not able to deliver effectively. Some ISPs have much better detection and DDoS mitigation capabilities, and next-generation offerings may include WAF and DDoS automation and integration. Every ISP is different, and actual protections will vary over time and between vendors.
Every year Radware sets forth predictions in our annual security report, Radware’s Global Application and Network Security report, and, we might add, we have achieved a very substantial track record of forecasting how the threat landscape will evolve. After all, it is fun to predict what may happen over the course of a year in security. The industry moves so fast, and while some things do stay the course, it only takes one small catalyst to spark a new direction that nobody could have predicted.
To state the obvious, two well-known comic book giants have lit the imaginations of generations of children. They brought to life the fantasy that humans could be ‘super’ or immortal, or somehow infallible.
Each in their own way created fantastical combinations of humans with unreal, unbelievable and incredible skills.
In the category of vision enhancement alone, there are legions of characters who have developed themselves in a surreal way, for example, through X-ray vision, or super-acute vision (something akin to a hawk). Other superheroes were gifted with night vision or even eyes that fired deadly laser beams. However, did you know that these characters dreamt up in comic books all have somewhat real-world equivalents? Well, maybe not in people, but clearly in video surveillance systems of the future.
Ideology, politics and religious differences are at the core of operation OpIsrael. OpIsrael is launched by Anonymous with the stated goal of “erasing Israel from the internet” in protest against the Israeli government’s conduct in the Israeli-Palestinian conflict. This is a yearly operation and was created in 2012. It starts every year on April 7th and ends on April 20th. This operation sees participants from Anonymous, AnonGhost, Red Cult, Anonymous Lebanon, Mauritania Attackers, Cyber Team Tox, M0oDyPL, MCA DDoS Team and LaResistance Hacking Team along with other independent attackers.
In early April, we identified a new botnet designed to compromise IoT devices and corrupt their storage. Over a four-day period, our honeypots recorded 1,895 PDoS attempts performed from several locations around the world. Its sole purpose was to compromise IoT devices and corrupt their storage. Besides this intense, short-lived bot (BrickerBot.1), our honeypots recorded attempts from a second, very similar bot (BrickerBot.2), which started PDoS attempts on the same date (both bots were discovered less than one hour apart), with lower intensity but more thorough and with its location(s) concealed by Tor egress nodes.
Whether we see them or not, application programming interfaces (APIs) are a crucial part of business today. They are used in virtually every aspect of IT and DevOps. APIs facilitate and even drive B2B and B2C partnerships, ecommerce acceleration, systems and application automation, and solution integrations. Without them, business and IT shops would not be able to deliver services anywhere near as fast and efficiently as they do today. However, this speed comes at a cost. User security is often a trade-off between security and usability and there seems to be a similar trade-off with leveraging APIs.
Over the last couple of years, I wrote about DDoS attacks several times—with good reason. They are increasing in size and intensity. Each year more homes are connected to the Internet; consumers and businesses increase their access connection bandwidth; and more devices are online at each connection. With all these connected devices, many of which have little to no protection, the field is ripe for threat actors to harvest DDoS attack hosts, a.k.a. bots.
European IT professionals report securing business continuity as the #1 challenge, even more than avoiding revenue loss or protecting reputation.