I was visiting a prospect last week and at the very beginning of the meeting he asked directly, “Why would I consider your products and services over the many others that claim to do the exact same thing?” I immediately said, “That’s easy! Certainty and specificity.” He looked at me, expecting more than a 5-word answer. When I did not provide one, he asked me to please explain. I told him that any number of the products or services on the market are capable of keeping your circuits from being overrun by a volumetric DDoS attack, but that if he wanted to be certain he was not blocking legitimate business users or customers, and if he wanted to be specific about the traffic he was scrubbing, he would need to consider my solution.
In late July we were approached by a government agency of a Latin American country who was suffering from an over-a-month long campaign of DDoS attacks they had so far failed to mitigate. Each of the attacks lasted for several hours at a time –sometimes multiple times a day – making it through their existing DDoS protection device and right into the headlines of the local press.
This is Part 2 of our series on the top 5 most dangerous DDoS attacks and how you can successfully mitigate them. To read Part 1 of the series, click here. Let’s dive back in with Attack Type #4:
Over the years Radware has followed the evolution of DDoS attacks directed at the gaming industry. For the industry, large-scale DDoS attacks can result in network outages or service degradation and has become an everyday occurrence. In 2016 Lizard Squad and Poodle Corp launched repeated attacks against EA, Blizzard and Riot Games, resulting in service degradation and outages for users around the world.
2016: What a year! Internet of Things (IoT) threats became a reality and somewhat paradoxically spawned the first 1TBs DDoS—the largest DDoS attack in history. Radware predicted these and other 2016 events in the 2015–2016 Global Application and Network Security Report. Since initiating this annual report, we have built a solid track record of successfully forecasting how the threat landscape will evolve. While some variables stay the course, the industry moves incredibly quickly, and it takes just one small catalyst to spark a new direction that nobody could have predicted.
Let’s take a look back at how our predictions fared in 2016—and then explore what Radware sees on the horizon for 2017.
Threat Alert: Bitcoin Exchanges and Websites Experiencing DDoS Attacks
Over the last several months, our ERT Research team has noticed a growing trend of attackers targeting Bitcoin exchanges and websites that deal with Bitcoin directly. These websites are increasingly becoming the target of DDoS attacks for a number of reasons. First, they are mainly targeted by extortionists, but they are also experiencing attacks from competition and user aggression.
Bitcoin-related sites attract a lot of attention and demand from their users, but this also plays against them. This dedicated user base requires instant access and live updates about market conditions and the current value of Bitcoin. When these services go down, thousands of users are left locked out of their accounts, which can result in reputation damage or financial loss for their users. This is also why extortionists choose to target these sites; not only do they have Bitcoin on hand, but some are not willing to go offline even for a moment due to the fear of losing clients.
By Jason Ford, Chief Technology Officer of BlackMesh
The benefits of relying on a managed service provider are seemingly endless. Managed services can help organizations focus on business strategies, conserve funds and resources, mitigate risks, and maintain, operate, and deploy environments. In recent years, however, the IT industry has come to a crossroad where managed services meet security. With the current threats of cyber hacks and intrusion methods being what they are, security is as important – or perhaps more important – to system owners as any other advantages they garner from a managed service provider. While championing the incomparable value correlated with having a powerful and dependable infrastructure without having to manage it, enterprises now can – and do – feel the same about managed security services.
School networks are increasingly becoming victims of cyber-attacks. They are presented with unique threats and challenges that most organizations do not have to deal with. Every year schools see thousands of new students that bring with them an arsenal of potentially vulnerable devices. To add to this growing complexity, most college campuses have migrated to digital platforms like Blackboard and Moodle. These online web portals are prime targets for denial of service attacks.
Organizations can protect themselves against advanced threats by adopting the right strategy. This strategy involves getting the right players on the field, with a complementary set of skills that will provide a team with the right mix of capabilities. In deploying security products into your IT environment, you are looking for the right mix of solutions (security monitoring, protection, analysis, analytics and response capabilities) in order to cover the field. Deploying an effective and efficient set of security solutions will provide you maximum benefits, with improved operational efficiencies and costs.