2017 will forever be known as the year that the smart home started to take off. Researchers estimate that Amazon has sold over 15 million Echo devices to date. Plus, Google has sold another 5 million Google Homes. The overall smart home market is expected to grow to over $50 billion by 2022. Already 1 in 4 U.S. households has some kind of smart device in their home. With all the smart thermostats, smart fridges, smart light bulbs, smart doors and windows, personal assistants, and smart home surveillance, internet-connected home devices are rapidly stacking up in U.S. households. These devices are adding convenience and efficiency, but are they safe?
Natural disasters serve as excellent examples of the unforeseen consequences that a cyber-attack against infrastructure will have. Take for example a strong windstorm in Wyoming in February 2017. The storm knocked down power lines, forcing water and sewage treatment plants to operate on backup generators, which weren’t available to some of the pumps that moved sewage from low-lying areas to higher ground. As a result, the sewers backed up after the weather continued to prolonged the outage. While government officials tasked with disaster planning have long focused on the cascading effects of power outages from natural disasters, only recently have they realized the effects of cyber warfare could be quite similar.
Internet of Things (IoT) devices continue to become more and more prevalent in our daily lives. Alexa gives us the daily news, smart agricultural sensors help farmers optimize yield, and connected sensors can monitor your pet’s movement and sleeping patterns. All told, IoT is expected to become a $500 billion market by 2022, r the same size as the overall economy of Sweden, 23rd largest in the world.
In the past five years, we have watched a rapid evolution in both sophistication and scale of DDoS attacks. Long gone are the days of the traditional Denial of Service (DoS) attack. Now, threat actors use massive IoT botnets to enslave millions of devices into global scale DDoS attacks. They confuse defenses by launching short multi-vector attacks in bursts, they multiply the force impact of their attacks by using TLS/SSL, and even destroy systems with Permanent Denial of Service (PDoS) attacks.
Thoughts from Radware’s Global Application and Network Security Report
- Rise of cryptocurrency trade and value boosts attacks;
- Notorious attacks of the year point at the human factor to blame;
- Machine-learning technologies are not fully mature nor broadly adopted;
- Despite a notion of tolerance, in one of four cases customers will take action against a targeted organization;
- IoT devices power more effective DDoS attacks, but nobody takes responsibility to patch the known holes;
- Data Leakage is the number one concern of organizations today.
These are just a handful of insights from Radware’s 2017-2018 Global Application and Network Security Report, providing a comprehensive view of the industry trends and evolutions. 2017 was an eventful year, with global cyber-attack campaigns that grabbed headlines in mainstream media and affected the lives of many, in particular the WannaCry, NotPetya and BadRabbit ransom sprees, as well as Equifax and Forever 21 data leaks. Let’s take a closer look at 2017 trends and 2018 predictions:
Happy New Year to all our readers! In 2017, we conducted several studies and wrote several reports on the state of cyber security. Let’s take a look at how 2017 shaped up:
As 2017 comes to a close, we decided to take a look back at a number of new attack types and threats that we saw throughout the year. Our team took a deep dive into researching and testing many of these threats to find out how they operate and how big of a threat they really were, through setting up honeypots, intentionally bricking a colleague’s device, and setting up IoT chatbots. Below are some of the highlights from our year:
Another year has come and gone, full of all sorts of new cyber-attacks and vulnerabilities. Which subjects did our readers find the most fascinating this year? Privacy, open-source tools, and a new botnet threat called Reaper were just a few. Below are the top 10 posts that you kept coming back to:
2017 has been another eventful year for denial-of-service attacks. Radware’s ERT team has monitored a vast number of events, giving me ample opportunities to review and analyze attack patterns to gain further insight into trends and changes in the attack vector landscape. Here is some insight into what we have observed:
2016 was the Year of DDoS. 2017 was the Year of Ransom. Can we assess leading indicators of new attack techniques and motivations to predict what 2018 will bring? The answer is a resounding “yes.” We believe 2018 will be the Year of Automation—or, more precisely, big, bad attacks on automated technology processes. Here are four reasons why.