Mitigating Attacks in 2013: The Year Companies Push Hackers Back


In 2012, DDoS attacks revealed a new cyber security trend: attack campaigns that last for days and sometimes even weeks. Unfortunately, many organizations that find themselves under attack don’t know how to change the attack dynamics. Instead of working to halt attacks, many just wait passively for them to conclude.

But what about stopping the attack? Why can’t organizations become more proactive and implement countermeasures that stop the attackers from sending additional malicious traffic? Why not push the hackers back as far as possible from critical applications?

According to Cyber Security on the Offense, a recent study by Radware and the Ponemon Institute, 71 percent of respondents gave their organizations an average or below average rating when it comes to their ability to launch or implement counter techniques against hackers and other cyber criminals. The main reasons for not being effective in launching counter measures include the lack of enabling technologies, resources, budget and the dearth of expert personnel.

This is a worrisome picture. Despite the fact that many organizations find themselves affected by attack campaigns that last for many days, they lack the capabilities to stop or to reduce the effectiveness of these attacks.

In 2013, it’s time to get proactive! Here are some recommendations for organizations that would like to halt attacks rather than merely absorb them:

  • Establish an emergency response team that can detect and respond to attack campaigns 24×7 for as many days as required. Train this team to investigate who the attackers are and what their motivation is.
  • Gain knowledge on the attack tools, techniques and modes of operation used by hackers in previous campaigns.
  • When under attack, quickly detect and understand which attack tools are being used in order to anticipate what you should expect.
  • Implement techniques to perform counter measures. Each attack tool that hackers use has weaknesses that can be exploited in a counter measure to significantly reduce the effectiveness of the tool.
  • Develop an attackers’ blacklist and work with your CDN provider or your ISP to blacklist the attackers before they reach your network. This will allow you to push the attackers as far as possible from your critical applications.

Organizations that implemented these recommendations in 2012 managed to shorten the length of the cyber attacks they faced and reduced the damage they experienced. Next time your organization is under attack, make the choice to be proactive in order to minimize the attack’s effectiveness rather than just waiting passively for its termination.

Ronen Kenig

Ronen manages the global marketing strategy for Radware’s Security products. His responsibilities include the planning, positioning and go-to-market strategy for all Security products activities worldwide. An industry expert, Ronen has more than 14 years of experience in managing R&D and marketing products in the networking infrastructure, Security and application delivery sectors. Ronen writes about Security threats and solutions, application delivery, and cloud computing.
