main

BotnetsMobile DataMobile SecuritySecurityService Provider

IoT, 5G Networks and Cybersecurity – Part 1: The Rise of 5G Networks

August 16, 2018 — by Louis Scialabba0

rise-5g-networks-iot-cybersecurity-960x640.jpg

Smartphones today have more computing power than the computers that guided the Apollo 11 moon landing. From its original positioning of luxury, mobile devices have become a necessity in numerous societies across the globe.

With recent innovations in mobile payment such as Apple Pay, Android Pay, and investments in cryptocurrency, cyberattacks have become especially more frequent with the intent of financial gain. In the past year alone, hackers have been able to mobilize and weaponize unsuspected devices to launch severe network attacks. Working with a North American service provider, Radware investigations found that about 30% of wireless network traffic originated from mobile devices launching DDoS attacks.

Each generation of network technology comes with its own set of security challenges.

How Did We Get Here?

Starting in the 1990s, the evolution of 2G networks enabled service providers the opportunity to dip their toes in the water that is security issues, where their sole security challenge was the protection of voice calls. This was resolved through call encryption and the development of SIM cards.

Next came the generation of 3G technology where the universal objective (at the time) for a more concrete and secure network was accomplished. 3G networks became renowned for the ability to provide faster speeds and access to the internet. In addition, the new technology provided better security with encryption for voice calls and data traffic, minimizing the impact and damage levels of data payload theft and rogue networks.

Fast forward to today. The era of 4G technology has evolved the mobile ecosystem to what is now a mobile universe that fits into our pockets. Delivering significantly faster speeds, 4G networks also exposed the opportunities for attackers to exploit susceptible devices for similarly quick and massive DDoS attacks. More direct cyberattacks via the access of users’ sensitive data also emerged – and are still being tackled – such as identity theft, ransomware, and cryptocurrency-related criminal activity.

The New Age

2020 is the start of a massive rollout of 5G networks, making security concerns more challenging. The expansion of 5G technology comes with promises of outstanding speeds, paralleling with landline connection speeds. The foundation of the up-and-coming network is traffic distribution via cloud servers. While greatly benefitting 5G users, this will also allow attackers to equally reap the benefits. Without the proper security elements in place, attackers can wreak havoc with their now broadened horizons of potential chaos.

What’s Next?

In the 5G universe, hackers can simply attach themselves to a 5G connection remotely and collaborate with other servers to launch attacks of a whole new level. Service providers will have to be more preemptive with their defenses in this new age of technology. Because of the instantaneous speeds and low lag time, they’re in the optimal position to defend against cyberattacks before attackers can reach the depths of the cloud server.

2018 Mobile Carrier Ebook

Discover more about what the 5G generation will bring, both benefits and challenges, in Radware’s e-book “Creating a Secure Climate for your Customers” today.

Download Now

Attack Types & VectorsDDoSSecurity

See Through the DDoS Smoke-Screen to Protect Sensitive Data

January 26, 2017 — by Paul Mazzucco0

ddos-as-a-smokescreen-960x640.jpg

DDoS attacks can be costly and risky. TierPoint is witnessing a growing trend of using such attacks as the means to another, potentially more devastating, end: stealing sensitive data. Call this new breed of attack the “DDDoS”—deceptive distributed denial-of-service. For two recent examples, look to attacks on Carphone Warehouse and Linode. By bombarding Carphone Warehouse with online traffic, hackers were able to steal the personal and banking details of 2.4 million people. Similarly, cloud provider Linode suffered more than 30 DDoS attacks which appeared to be a ruse to divert attention away from a breach of user accounts.

Security

Can your SEO rankings be lowered by a DDoS Attack?

January 24, 2017 — by David Hobbs2

seo-ddos-attack-960x714.jpg

Last week, I was doing research in the DarkNet marketplaces to keep on top of the current trends in the threat landscape. One of the advertisements that struck me as typical was an advertisement for a DDoS botnet for rent. It wasn’t that there was a botnet for rent, as those are everywhere. It was the Listing Details that put together a value proposition for attacking somebody that caught my eye. It says:

“Another advantage of the DDOS attack that you probably don’t know is the loss of Google Organic Ranking. Google really don’t like unreachable URLs or slow website. As soon as they find a decrease of availability or speed, your target will be temporary removed from results and then it will lose his Google ranking. Two weeks after a four days DDOS attack, I have seen a website going from first page to third page.”

Attack Types & VectorsSecurity

2016 Attack Trends

December 6, 2016 — by Daniel Smith0

top-2016-attack-trends-960x640.jpg

2016 has been an eventful year when it comes to denial of service attacks. This year the industry as a whole has seen the largest attacks ever, and new attack vectors designed to test and challenge modern day defenses. Every year Radware’s ERT sees millions of attacks and our ERT Researchers throughout the year are constantly reviewing and analyzing these attacks to gain further insight into trends and changes in the attack vector landscape.

This year, two of the most common trends among attackers were burst attacks, aka “hit and run”, and advanced persistent denial of service (ApDoS) campaigns. Throughout the year we have observed a number of attackers using short bursts of high volume attacks in random intervals, and attacks that have lasted weeks, involving multiple vectors aimed at all network layers simultaneously. These types of attacks have a tendency to cause frequent disruptions in a network server’s SLA and can prevent legitimate users from accessing your services.

DDoSSecurity

It’s Beginning to Look a Lot Like Cyber-Attack Season

November 9, 2016 — by Ben Desjardins0

retail-cyber-attacks-holidays-960x639.jpg

This year’s door buster deal might just be a DDoS attack

The luring presence of large bowls of excess Halloween candy laying around my house can only mean one thing: It’s that time of year when retailers are preparing stores (both physical and virtual) for a crush of holiday shoppers on Black Friday.

As the story goes, the term originates from an incident in the late 19th century in Philadelphia. The retailer Wanamaker’s Department Store decided on a deep discount of calico, the most common fabric used for dressmaking at the time. The throngs of shoppers that showed up for the penny-a-yard fabric sale ended up breaking through the glass windows of the front door, forcing the store to close. The closure no doubt cost Wanamaker’s dozens of dollars.

Security

Let’s discuss facts: An insight into Mirai’s source-code

November 3, 2016 — by Snir Ben-Shimol1

mirai-attack-2-960x608.jpg

In three massive DDoS attacks, Mirai botnet dazzled the cyber-security industry who long feared the implications of the exponentially growing number of devices connecting to the internet.

So many speculations, blogs and Op-Eds emerged following the attacks on Krebs, OVH and DynDNS. You couldn’t ignore them as everybody had something to say – speculation on who the attackers were, their motivation, the attack vectors and the traffic volumes. In this blog post, we would like to put an end to the speculation, and discuss facts.

Attack Types & VectorsSecurity

4 Reasons to Believe Future Cyber Attacks Will Terrorize

August 24, 2016 — by Carl Herberger1

terrorizing-cyber-attacks-final-960x594.png

For years people have been talking about the threat of a Cyber Pearl Harbor or Digital September 11th event. There is a perception that this event would be an isolated incident that cripples society as we know it – heck, there is even a TV show about it. But what are the possibilities for such an occurrence in reality? Let’s take a look at three realistic categories where cyber terrorism is either already upon us or having its comeuppance.

Let’s look at four attack profiles which would reasonably either lead to loss of life or have the potential to leave the victim inevitably stricken with fear:

Attack Types & VectorsSecurity

5 Cyber Attack Developments Worth Your Attention

July 14, 2016 — by Ben Zilberman0

cyber-attack-developments-3-960x640.png

Are you concerned about being targeted?

Are you concerned about being targeted?

I am. As an IT person, it’s hard not be afraid when cyber attackers are always one step ahead of you. And, they have been quite busy this year, DDoSing, spreading malware, Ransoming and Doxing. I’m sure the stories have filled your newsfeeds.

The Bigger Picture

To understand what’s happening in the threat landscape, we need to put aside the headlines for a moment and focus on the bigger picture. There are five interesting trends that have implications for the way we perceive security, both as organizations and as individuals.

Attack Types & VectorsDDoSSecurity

Early Attack Activity Forcing New Thinking in Healthcare IT/Security

July 7, 2016 — by Ben Desjardins0

healthcare-security-attack-activity-3-960x592.png

Every year when we conduct our survey for the Global Application & Network Security Report, one of the more interesting things to observe is how different industries are viewing the threat landscape. Changes such as technology adoption within industry tend to create new points of vulnerability, which quickly become the targets of malicious actors looking to exploit these new-found points of access. This year has been a particularly eye-opening year for the healthcare industry, which has seen a rash of recent attacks targeting their increased reliance on technology and networked data, often through the tactic of ransom attacks.

The increase in ransom attacks was one of the many interesting angles we saw within the inputs of the healthcare industry through our survey. Others provide additional insight into areas IT and security practitioners in the space have more or less concern, or feel either exposed or more or less secure.

DDoSSecuritySSL

Adaptive Managed Services Bolster Security

June 30, 2016 — by Jason Ford0

adaptive-managed-services-bolster-security-3-960x640.png

By Jason Ford, Chief Technology Officer of BlackMesh

The benefits of relying on a managed service provider are seemingly endless. Managed services can help organizations focus on business strategies, conserve funds and resources, mitigate risks, and maintain, operate, and deploy environments. In recent years, however, the IT industry has come to a crossroad where managed services meet security. With the current threats of cyber hacks and intrusion methods being what they are, security is as important – or perhaps more important – to system owners as any other advantages they garner from a managed service provider. While championing the incomparable value correlated with having a powerful and dependable infrastructure without having to manage it, enterprises now can – and do – feel the same about managed security services.