main

Attack Types & VectorsSecurity

The Dyn Attack – One Year Later

October 19, 2017 — by Ron Winward1

dyn-one-year-later-960x640.jpg

One year ago, a threat actor launched a DDoS attack that disrupted service of some of the internet’s biggest names. The Mirai botnet had enslaved hundreds of thousands of IoT devices and was used to attack several entities, including the managed Domain Name System (DNS) provider Dyn.

The attack on Dyn was an event that many referred to as a wake-up call for internet security.

Except the industry, by and large, never really woke up.

Attack Types & VectorsSecurity

The Growth of DDoS-as-a-Service: Stresser Services

September 28, 2017 — by Daniel Smith0

stresser-services-960x640.jpg

The growth of DDoS-as-a-Service has resulted in a wide array of powerful and affordable DDoS services available to the public. Since the beginning of 2016, Radware’s ERT Research division has been monitoring a number of services available on both the clear and the darknet. These off-the-shelf attack services have been used to launch attacks on a number of industries including ISPs, media, financial service companies and online gaming. These services are commoditizing the art of hacking by making it possible for novices with no experience to launch large scale attacks.

Attack Types & VectorsSecurity

Do Hackers Have It Easy?

September 19, 2017 — by Shira Sagiv0

defense-pro-iot-960x540.jpg

Hackers got it easy. At least, it feels like it. They are in a growing “industry” with many, almost endless, targets to choose from. They have access to new tools and techniques, services that make it easy for them to launch an attack and lots of information and personal data at their fingertips. All of that is available today on the Darknet, and you don’t need to be a sophisticated hacker to get access and start “enjoying” it all.

Attack Types & VectorsDDoSSecuritySSL

2017’s 5 Most Dangerous DDoS Attacks & How to Mitigate Them (Part 1)

September 12, 2017 — by Carl Herberger1

top-5-ddos-attacks-960x631.jpg

Throughout the history of mankind, whether in warfare or crime, the advantage has swung between offense and defense, with new technologies and innovative tactics displacing old doctrines and plans. For example, the defensive advantage of the Greek phalanx was eventually outmaneuvered by the Roman legion. Later, improvements in fortifications and armor led to castles and ironclad knights, until the invention of gunpowder made them obsolete. In the 20th century, fixed fortifications and trenches were rendered outdated by highly mobile armored forces. In all these examples, the common denominator is that one side’s tactical advantage spawned new ways of thinking among its opponents, eventually degrading that advantage or reversing it completely.

DDoSSecurity

Could Your Local Car Dealer, Bank or Doctor’s Office be Next?

August 17, 2017 — by Mike O'Malley0

mssp-smb-overview-960x640.jpg

What do local car dealers, hospitals and banks all have in common? At first glance, not much. However, all of them have become recent hacker targets. Why now when other, much larger corporate entities have traditionally been targets? One word – resources. Their resources, both network and personnel, are stretched thin. With the increased complexity and length of Distributed Denial-of-Service (DDoS) attacks, it’s a struggle for all organizations, let alone small and medium businesses. The 2016 State of SMB Security Report found that half of the 28 million small businesses surveyed were breached in the past year. Verizon cited, in their 2017 Data Breach report, that 61% of data breach victims were businesses with less than 1,000 employees.

SecuritySSL

Cyber and Securities – Financial Institutions Attack Landscape

August 16, 2017 — by Ben Zilberman1

financial-services-960x655.jpg

Recently Italian bank Unicredit suffered two security breaches. Data of 400,000 customers was stolen, including loan account numbers and Personally Identifiable Information (PII). There is a suspicion the breach had to do with interaction with a 3rd party. This incident is the latest reported in a long history of cyber-attacks against financial institutions. Every hack however, can teach us a lesson.

DDoSSecurity

The Money Behind DDoS Managed Security Services

July 27, 2017 — by Mike O'Malley0

ddos-managed-services-1-960x480.jpg

In a recent Light Reading webinar, Principal Heavy Reading Analyst Jim Hodges and I discussed the growing need for Managed Security Services. DDoS attacks are becoming increasingly sophisticated and complex, lasting more than 24 hours in some cases. The attacks aren’t limited to specific industries or company sizes anymore, and push stretched internal IT resources to the breaking point. The 0s and 1s that flash through service provider networks are equally vulnerable.  Attackers don’t care where the data is coming from…they’re looking for vulnerabilities they can exploit for money. The days of hacks focused on large retail organizations like Target and Home Depot are behind us. Merck and Co., a large U.S.-based pharmaceutical firm, was one of several global companies impacted by a massive global attack. Don’t let these hacks bring your customers’ network down.