Multi-vector DDOS Attacks


Multi-vector DDoS Attacks: Detection and Mitigation
Paul Mazzucco, Chief Security Officer
August 2015

Key Reasons for Cyber Attacks
- Criminal: money and more money; large number of groups; from unskilled to advanced; present in virtually every country
- Hacktivists: protest; revenge; large number of groups; basic skills, with a few standouts with advanced skills who motivate a potentially larger set of followers
- Espionage: acquiring secrets for national security and economic benefit; growing number of countries with capabilities; larger array of supported or tolerated groups
- War: motivation is to destroy, degrade, or deny; politics by another name; growing number of countries with capability; non-state actors could be included

DoS/DDoS Attacks: New Cyber Weapon of Choice
- Cyber attack sophistication is increasing
- Lower-bandwidth attacks occur more frequently, last longer, and evade detection
  - Overwhelm servers' ability to respond; ultimately take down the site
- Multi-vector campaigns
  - Booter services and low-cost DDoS campaigns can take down a typical business
  - The DDoS-for-hire market is expanding
  - China, Germany, and the U.S. accounted for more than 50% of all DDoS attack origins in Q1 2015
- The number of DDoS attacks in Q1 2015 more than doubled the number of DDoS attacks in Q1 2014
Source: Akamai

The Industry Hit List Expands
- Drivers: the rise of the Internet of Things, web vulnerabilities, and botnet building
- Choice targets:
  - SaaS platforms, e.g. healthcare data
  - Competitive industries, e.g. gaming
  - Multi-tenant platforms, because attacks on one tenant impact all other tenants
- In Q1 2015, infrastructure attacks were 91% of total DDoS attacks
Source: Akamai

Where Are the Attacks Taking Place? The 7 Layers of the OSI Model
- Network attacks were 90% of attacks in 2005
- Session attacks typically defeat conventional firewalls
- Application attacks are 90% of attacks in 2015
- Q1 2015 vs. Q1 2014: 124.69% increase in infrastructure-layer (Layer 3 & 4) attacks
- Q1 2015 vs. Q1 2014: 59.83% increase in application-layer (Layer 7) attacks

New Attack Vectors, One Dangerous Commonality
- Significant attack vectors emerged in 2014
- 50% of all web attacks were encrypted application-based attacks
- 15% of organizations reported attacks targeting web application login pages on a daily basis
- DNS-based volumetric floods increased from 10% to 21%, becoming the 2nd most common attack vector
Source: Radware

The Simple Service Discovery Protocol (SSDP): Top Infrastructure-based Attack Vector
- SSDP comes pre-enabled on millions of devices: routers, media servers, web cams, smart TVs, printers
- It allows devices to discover each other on a network, establish communication, and coordinate activities
- SSDP accounted for more than 20% of Q1 2015 attack vectors
- Attackers are armed with a list of vulnerable devices and use them as reflectors to amplify a DDoS attack

Not Just a Party of One Anymore: Multi-Vector Attacks Take Aim
- More than 50% of attack campaigns deployed 5 or more attack vectors in 2014
- Releasing one attack vector at a time, rather than launching the entire arsenal at once, keeps the target busy
Sources: Radware, Arbor Networks

Attackers (Quickly) Strike Back
- Attackers are continually developing new attack vectors that defeat newly deployed mitigation tools
- They respond in days, sometimes even hours, after mitigation tools are deployed
- Businesses therefore face two chief challenges:
  - The increasing complexity of security, i.e. the multi-pronged nature of the attacks
  - The speed at which attackers adapt to new mitigation tools

Minutes to Compromise, Months to Discover
- DDoS attack cost for an SMB: $52,000 per incident
- 32% of companies would lose over $100K in revenue per hour of attack
- 11% of US companies would lose $1 million+ in revenue per hour of attack
- 88% of companies are hit multiple times, with 39% attacked over 10 times annually
Sources: Radware, Neustar

Recap: the Challenges
- Cyber attacks are mainstream
- The network perimeter disappears; application data is the final frontier
- Availability-based attacks are the main weapon
- Multi-vector attack campaigns
  - Targeting end-to-end weak points: pipe, network, servers, applications
  - Targeting multi-tenant environments, which amplifies overall impact and management complexity
- Disguising techniques
  - Multiple attackers, one IP address
  - Attacks using dynamic IP addresses
- Data (confidentiality) and integrity attacks

Required Detection: Encrypted/Non-Volumetric Attacks
- Envelope attacks
- Device overload
- Directed attacks: exploits, intrusions, mis-configurations
- Localized volume attacks
- Low & slow attacks
- SSL floods
Sources: TierPoint, Radware

Required Detection: Application Attacks
- Web attacks
- Application misuse
- Connection floods
- Brute force
- Directory traversals
- Injections
- Scraping & API misuse
Sources: TierPoint, Radware

Required Detection: Volumetric Attacks
- Network DDoS
- SYN floods
- HTTP floods
Sources: TierPoint, Radware
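As an added illustration (not part of the original deck) of the SSDP reflection vector described earlier and the SYN floods listed under volumetric detection, the classifier below scans summarised flow records and reports which destinations are being hit by more than one vector at once, the multi-vector pattern the deck warns about. The flow records, the Flow shape and the thresholds are constructed assumptions, not any vendor's export format.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:                      # summarised flow record (constructed shape)
    src: str
    sport: int
    dst: str
    dport: int
    proto: str
    flags: str = ""              # TCP flags seen, e.g. "S" for SYN-only
# Constructed sample flows using RFC 5737 documentation addresses, not real hosts.
SAMPLE_FLOWS = [
    # Four SSDP responders (UDP source port 1900) answering toward one victim,
    # the reflection pattern described on the SSDP slide.
    Flow("192.0.2.1", 1900, "203.0.113.10", 40011, "udp"),
    Flow("192.0.2.2", 1900, "203.0.113.10", 40012, "udp"),
    Flow("192.0.2.3", 1900, "203.0.113.10", 40013, "udp"),
    Flow("192.0.2.4", 1900, "203.0.113.10", 40014, "udp"),
    # SYN-only flows from many sources to the same victim: a SYN flood.
    Flow("198.51.100.11", 51000, "203.0.113.10", 443, "tcp", "S"),
    Flow("198.51.100.12", 51001, "203.0.113.10", 443, "tcp", "S"),
    Flow("198.51.100.13", 51002, "203.0.113.10", 443, "tcp", "S"),
    # Benign: a completed session and a lone SSDP reply on a LAN.
    Flow("198.51.100.50", 52000, "203.0.113.10", 443, "tcp", "PA"),
    Flow("10.0.0.5", 1900, "10.0.0.9", 41000, "udp"),
]

def classify_vectors(flows, min_reflectors=3, min_syn_sources=3):
    """Map each destination to the set of volumetric vectors seen against it.
    Thresholds are tiny so the sample triggers; tune them from your baseline."""
    ssdp_sources = defaultdict(set)
    syn_sources = defaultdict(set)
    for f in flows:
        if f.proto == "udp" and f.sport == 1900:
            ssdp_sources[f.dst].add(f.src)   # reply from an SSDP responder
        elif f.proto == "tcp" and f.flags == "S":
            syn_sources[f.dst].add(f.src)    # handshake never completed
    vectors = defaultdict(set)
    for dst, srcs in ssdp_sources.items():
        if len(srcs) >= min_reflectors:
            vectors[dst].add("ssdp_reflection")
    for dst, srcs in syn_sources.items():
        if len(srcs) >= min_syn_sources:
            vectors[dst].add("syn_flood")
    return dict(vectors)

def multi_vector_targets(flows):   # destinations hit by two or more vectors
    return sorted(d for d, v in classify_vectors(flows).items() if len(v) >= 2)
```

The single LAN SSDP reply is not flagged because only one responder is involved; a reflection campaign shows up as many responders converging on one victim.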

Fight Back Advice #1
- Don't assume that you're not a target
- Draw up battle plans; learn from the mistakes of others
- Ensure buy-in from ALL C-suite executives, not just the CTO or CIO

Fight Back Advice #2
- Protecting your data is not the same as protecting your business
- True security necessitates data protection, system integrity, and operational availability
- Review your current investments, then gauge the increase required to ensure appropriate protection

Fight Back Advice #3
- You can't defend against attacks you can't detect
- The battle-prepared business harnesses an intelligence network

Fight Back Advice #4
- Evaluate DDoS protection solutions
- Consider a hybrid approach of layered DDoS defenses: always-on, on-premise hardware blocking plus cloud-based traffic scrubbing

Fight Back Advice #5
- Know your limitations
- Enlist specialists who have the expertise to help you fight and win

Thank you