main

DDoSHacksSecurity

Public Education Around Cyber Security

September 28, 2016 — by Paul Coates4

education-cyber-security-960x644.jpg

Australia’s Prime Minister Malcolm Turnbull recently raised the issue of cyber security education during a Washington D.C. speech. The intention behind such a sentiment is a good one. Teaching cyber security to the public, and making it a part of the education curriculum is essentially a public safety lesson akin to ‘Don’t Do Drugs,’ ‘Don’t Talk To Strangers’, and ‘Be Alert And Aware Of Your Surroundings.’

However, as a society we are at a crossroads where our children have vastly more knowledge of the cyber landscape than adults. Teachers still struggle with computer basics while students are hacking the schools’ computer systems to change their grades, create DDoS attacks on the day of critical testing, and worse.

Attack Types & VectorsSecurity

Hybrid mitigation – Why it’s exactly what you need in complex attacks

August 31, 2016 — by Ron Winward0

hybrid-mitigation-final-960x512.png

Recently a company in the DDoS protection space published an article about how hybrid mitigation models are ineffective against large HTTP POST attacks. While we respect all of our industry colleagues and support their contributions to the space as a whole, I wanted to review the case study and offer a different perspective.

The hybrid mitigation model uses an appliance at the customer premise and cloud-based solutions for volumetric attacks that exceed the local internet capacity (or capacity of the local mitigation appliance).

Application DeliveryDDoSSecurity

Why Cloud-based and ISP-based Scrubbing Alone Are Inadequate.

May 18, 2016 — by David Monahan0

cloud-scrubbing-2-960x713.png

On occasion, the topic of DDoS defense has come up and invariably goes to, “Why can’t organizations rely on ISP and cloud scrubbing services to protect themselves from DDoS attacks?” The conversation also rolls over to, “Why can’t organizations rely on on-premises solutions to protect themselves from DDoS attacks?” The latter is usually asked by someone who is a novice in the field, but both are valid questions. The true answer lies with a combination defense or, to coin a common security phrase, “defense-in-depth.”

DDoSSecurity

Your Internet or Your Candy

March 2, 2016 — by David Storch0

internet-or-candy-2-960x629.png

David Storch is a Product Manager and Principal Consultant at Atos and a featured guest blogger

According to the UK’s The Telegraph, ‘eight out of ten parents with children aged 14 or under say restricting their offspring’s use of gadgets is their preferred form of discipline because it stopped them from communicating with their friends. Youngsters saw having their tablets and phones taken away as the worst method of punishment.’

Cloud SecurityDDoSSecurity

Network-as-a-Sensor: A New Approach to the DDoS Problem

February 17, 2016 — by Ron Meyran1

network-as-a-sensor-2-960x480.jpg

Mike Geller from Cisco’s CTO office and Ehud Doron of Radware’s CTO office presented at Cisco Live Berlin 2016 the revolutionary concept of Network-as-a-Sensor to fight DDoS attacks.

There are two approaches to detect against DDoS attacks: on-premise (also sometimes called in-line) and Cloud (out of path). When a DDoS protection solution is deployed on-premise, organizations benefit from an immediate and automatic attack detection and DDoS mitigation solution. Within seconds from the start of an attack, the online services are well protected and the attack is mitigated.

Attack Types & VectorsCloud SecurityDDoSSecuritySSL

Cyber-Attackers Are Adjusting to the Security Adjustments You’ve Made

February 16, 2016 — by Ben Desjardins0

cyberattack-adjustments-2-960x580.jpg

Sometimes it feels terrible to be right. In our recent Global Application & Network Security Report we predicted an increase in complex encrypted attack vectors and the importance of putting in place adequate defenses that can scale and inspect encrypted traffic.  Just last week, we got a vivid example of the increasing threat posed by encrypted attack vectors. A high profile attack occurred with an organization that had both a combination of on-premises and cloud-based DDoS protection, yet the organization’s site still went down, in large part because the attack “hid” from detection by the cloud-based resources by using encryption.

Attack Types & VectorsDDoSSecurity

The Top 5 DDoS Attack Types We Saw in 2015

January 7, 2016 — by Snir Karat0

tips-before-during-after-cyber-attack.jpg

There were no “common” DDoS attacks in 2015.  The ones studied by Radware researchers were often volumetric; however, sophisticated, combined attacks such as Proton Mail were also fought by the Radware Emergency Response Team (ERT).  The combined attacks they experienced involved UDP floods, SYN floods, DNS reflection, ICMP floods and TCP out-of-sequence floods.

Application DeliveryDDoSSDNSecurityService ProviderWPO

Your Favorite Posts of 2015

December 30, 2015 — by Radware1

Over the past twelve months, our team of authors has offered advice, expertise, and analysis on a variety of topics facing the application delivery and security communities.  The articles below are the most read and shared ones we published this year.  Our goal was (and is) to share our experience and knowledge so you, our readers, can better prepare, implement, and gain insights that you can apply to your business.

DDoSSecurity

Turkey DNS Servers Under Attack

December 22, 2015 — by Daniel Smith10

Since Monday December 14th, Turkey’s DNS servers, ns1.nic.tr – ns5.nic.tr, have been the target of a persistent denial of service attack. This 40Gbps amplification attack targeted all 5 nic.tr servers and saw peaks close to 200 Gbps.  The attack left more than 400,000 websites down in Turkey and DNS servers unable to respond to queries.