main

Attack Types & VectorsSecurity

My Network has High Cholesterol

June 22, 2017 — by Ben Zilberman0

network-high-cholesterol-960x601.jpg

5 out of 6 businesses struggle daily with low profile DDoS attacks that consume their bandwidth and resources and pose a burden, resulting in poor service level and customer experience

You know how when you get to a certain age, feeling ‘good’ is not good enough? Well it might be good for your everyday life – obviously, you don’t need to extract the most out of your brain and muscles for the day-to-day to-do’s, but there is no guarantee that there is nothing there that negatively impacts your performance, or may be silently growing.

Attack Types & VectorsSecurity

Eliminating Single Points of Failure, Part 1

June 21, 2017 — by Louis Scialabba0

ddos-primer-part-1-960x788.jpg

The Risk DDoS Attacks Pose to Enterprises

The Role of the Firewall

A Firewall is a necessary first step in protecting an enterprise network by establishing a barrier between a trusted, secure internal network and another outside untrusted network such as the Internet. Firewalls have evolved considerably over the years, with the advent of next-generation firewalls to add application-aware filtering and intrusion detection capabilities and help customers improve their first line of defense. However, DDoS attacks are one vector where Firewalls are commonly the point of failure. In fact, Radware’s own research shows that the firewall is the cause of downtime during DDoS attacks roughly one-third of the time. The reason for this is the stateful nature of these devices, required to keep track of open sessions and transactions on the network. Maintaining session state requires use of session tables as well as other CPU resources that are finite and also responsible for other security features. Therefore under attack, the session table can be exhausted causing the firewall to fail.

SecurityService Provider

Enterprises are asking for help to protect their data. Here’s the answer service providers should provide.

June 20, 2017 — by Mike O'Malley0

carrier-mssp-960x637.jpg

Big. Small. Public. Private. Government. Retail. B2B. Non-profit.

Hackers don’t care about the size or purpose of the organizations they attack. They’re bombarding networks all over the globe with sophisticated multi-vector DDoS attacks, looking to grab any data from which they can profit.

Security

ISP DDoS Protection May Not Cover All of Bases

May 25, 2017 — by David Hobbs0

isp-ddos-mitigation-960x641.jpg

Most organizations cannot rely solely on on-premise solutions because of the volumetric aspects of DDoS attacks. Multi gigabit-sized attacks cause on-premise connection lines to fill up, and organizations to go offline. Vulnerabilities with CDNs also has limitations for organizations. On-premise and cloud-based solutions offer protections that most ISPs are not able to deliver effectively. Some ISP’s have much better detection and mitigation capabilities, and next-generation offerings may include WAF and DDoS automation and integration. Every ISP is different and actual protections will vary over time and with vendors.

Security

2017 Considerations before Buying an Attack Mitigation System

May 11, 2017 — by Carl Herberger2

buying-attack-mitigation-960x641.jpg

Managing the security of critical information has proven a challenge for businesses and organizations of all sizes. Even companies that invest in the latest security infrastructure and tools soon discover that these technology-based “solutions” are short-lived. From antivirus software to firewalls and intrusion detection and prevention systems, these solutions are, in fact, merely the most effective strategies at the time of implementation. In other words, as soon as businesses build or strengthen a protective barrier, the “bad guys” find another way to get in. Attackers are constantly changing their tactics and strategies to make their attacks and scams as damaging as possible.  The good news is that it appears that attacks and subsequent defenses are breaking down in categories which can be measured systematically. The following areas are of a particular concern as we look towards 2017-2018 planning for attacks:

Attack Types & VectorsSecurity

Radware’s ERT Mitigated a Spoofed-IPs Attack of Several Hundred Gbps

May 4, 2017 — by Ben Zilberman0

attack-analysis-960x540.jpg

Background:

Starting on April 1st, one of the most popular gaming operators from a large Asia-Pacific (APAC) country has suffered DDoS attacks, rendering the application unreachable and many gamers frustrated. It was a massive spoofed-IPs attack against the user authentication ports. After several attempts to mitigate the attack, the customer turned to a local cloud provider – who is a Radware partner – for help. As one the largest providers in APAC they took a stab at fighting the attack off, and called Radware to the battlefield.

Attack Types & VectorsSecurity

Why ISP DDoS Services Typically Fail

April 12, 2017 — by David Monahan0

isp-ddos-protection-960x528.jpg

Over the last couple of years, I wrote about DDoS attacks several times—with good reason. They are increasing in size and intensity. Each year more homes are connected to the Internet; consumers and businesses increase their access connection bandwidth; and more devices are online at each connection. With all these connected devices, many of which have little to no protection, the field is ripe for threat actors to harvest DDoS attack hosts, a.k.a. bots.

Security

Protecting Cloud-Based Applications – Not What You Thought

March 28, 2017 — by Shira Sagiv0

aws-cloud-ddos-launch-3-960x504.jpg

So you’ve finally made the move and deployed one of your business applications in the cloud.  You picked a leading public cloud provider (Amazon Web Services or Microsoft Azure) thinking this will get you the peace of mind you are looking for.  Well that’s almost too good to be true.  While there are many advantages with hosting applications in the cloud to improve overall efficiency and expand business opportunities – securing your applications in the cloud is more complicated.  As you migrate or deploy more and more applications in the cloud, you are facing a more distributed network that splits across multiple cloud providers and your organization’s private network.

Attack Types & VectorsDDoSSecurity

The Expansion of IoT since Mirai.

March 22, 2017 — by Daniel Smith0

iot-mirai-botnet-960x540.jpg

The idea of an Internet of Things (IoT) botnet is nothing new in our industry. In fact, the threat has been discussed for many years by security researchers. It has only now gained public attention due to the release and rampage of the Mirai botnet. Since Mirai broke the 1Tbps mark in late 2016 the IoT threat has become a popular topic of conversation for many industries that utilize connected devices. Not only are companies worried about if their devices are vulnerable but they are also worried if those devices can be used to launch a DDoS attack, one possibly aimed at their own network.