Analisi degli attacchi DDOS e delle contromisure

Similar documents
Arbor WISR XII The Stakes Have Changed. Julio Arruda V1.0

IoT - Next Wave of DDoS? IoT Sourced DDoS Attacks A Focus on Mirai Botnet and Best Practices in DDoS Defense

An Introduction to DDoS attacks trends and protection Alessandro Bulletti Consulting Engineer, Arbor Networks

COPYRIGHT 2018 NETSCOUT SYSTEMS, INC. 1

WORLDWIDE INFRASTRUCTURE SECURITY REPORT

Arbor White Paper. DDoS: THE STAKES HAVE CHANGED. HAVE YOU? REVEALED: 3 dangerous myths about DDoS attacks

Global Threat Landscape

DDoS MITIGATION BEST PRACTICES

State of the Internet Security Q Mihnea-Costin Grigore Security Technical Project Manager

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

Cybersecurity. Anna Chan, Marketing Director, Akamai Technologies

DDoS Introduction. We see things others can t. Pablo Grande.

DDOS DETECTION AND RESPONSE TRENDS IN THE ENTERPRISE: AN IANS CUSTOM REPORT

Trends in IoT DDoSbotnets

Prolexic Attack Report Q4 2011

Corero & GTT DDoS Trends Report Q2 Q3 2017

Internet2 DDoS Mitigation Update

Arbor White Paper Keeping the Lights On

WHITE PAPER Hybrid Approach to DDoS Mitigation

Introduction to DDoS Attacks

Safeguard Your Internet Presence with Sophisticated DDoS Mitigation.

CLOUD-BASED DDOS PROTECTION FOR HOSTING PROVIDERS

34% DOING MORE WITH LESS How Red Hat Enterprise Linux shrinks total cost of ownership (TCO) compared to Windows. I n a study measuring

HOW TO HANDLE A RANSOM- DRIVEN DDOS ATTACK

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

Fighting the Shadows: How to Stop Real-world Cybersecurity Application Threats That You Can t See

Why IPS Devices and Firewalls Fail to Stop DDoS Threats

Distributed Denial of Service (DDoS)

War Stories from the Cloud: Rise of the Machines. Matt Mosher Director Security Sales Strategy

INTRODUCTION: DDOS ATTACKS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

Cloud DNS. High Performance under any traffic conditions from anywhere in the world. Reliable. Performance

Think You re Safe from DDoS Attacks? As an AWS customer, you probably need more protection. Discover the vulnerabilities and how Neustar can help.

A custom excerpt from Frost & Sullivan s Global DDoS Mitigation Market Research Report (NDD2-72) July, 2014 NDD2-74

( ) 2016 NSFOCUS

The Case for Virtualizing Your Oracle Database Deployment

ddos-guard.net Protecting your business DDoS-GUARD: Distributed protection against distributed attacks

AKAMAI THREAT ADVISORY. Satori Mirai Variant Alert

How NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity

RESELLER LOGO RADICALLY BETTER. DDoS PROTECTION. Radically more effective, radically more affordable solutions for small and medium enterprises

Corero Network Security plc

Cyber Security in Smart Commercial Buildings 2017 to 2021

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

Multi-vector DDOS Attacks

SCALEFAST COMMERCE CLOUD INFRASTRUCTURE

MULTIPLAYER GAMING SOLUTION BRIEF

Understanding the Mirai Botnet

AKAMAI SOLUTION BROCHURE CLOUD SECURITY SOLUTIONS FAST RELIABLE SECURE.

Comprehensive DDoS Attack Protection: Cloud-based, Enterprise Grade Mitigation F5 Silverline

Imma Chargin Mah Lazer

VERISIGN DISTRIBUTED DENIAL OF SERVICE TRENDS REPORT

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

Imperva Incapsula Survey: What DDoS Attacks Really Cost Businesses

Solutions to prevent IoT devices to be used for DDOS attacks. WISeKey General Business Use

Building a Threat Intelligence Program

A10 DDOS PROTECTION CLOUD

A proactive and collaborative DDoS mitigation strategy for the Dutch critical infrastructure

Innovation in the Cloud: How to Grow Markets, Reduce Risks, and Improve the Customer Experience

TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS

Cyber War Chronicles Stories from the Virtual Trenches

War Stories from the Cloud Going Behind the Web Security Headlines. Emmanuel Mace Security Expert

DDoS: Evolving Threats, Solutions FEATURING: Carlos Morales of Arbor Networks Offers New Strategies INTERVIEW TRANSCRIPT

Smart and Secured Infrastructure. Rajesh Kumar Technical Consultant

Allot IoT Defense Solutions for Enterprises to Ensure IoT Service Continuity. Solution Brief

Cloud Foundry User Survey

DDoS attack patterns across the APJ cloud market. Samuel Chen CCIE#9607 Enterprise Security Architect, Manager - APJ

The Interactive Guide to Protecting Your Election Website

IPv6 Readiness in the Communication Service Provider Industry

Technology Priorities SURVEY. Exclusive Research from CIO magazine

2015 DDoS Attack Trends and 2016 Outlook

IPv6. Akamai. Faster Forward with IPv6. Eric Lei Cao Head, Network Business Development Greater China Akamai Technologies

DNS SECURITY BENEFITS OF OUTSOURCING YOUR DNS TO AN IP ANYCAST+ PROVIDER

A Survey of Defense Mechanisms Against DDoS Flooding A

August 14th, 2018 PRESENTED BY:

CABLE MSO AND TELCO USE CASE HANDBOOK

Validating the Security of the Borderless Infrastructure

How SD-WAN will Transform the Network. And lead to innovative, profitable business outcomes

Large FSI DDoS Protection Reference Architecture

The State of Cloud Monitoring

IBM Cloud Internet Services: Optimizing security to protect your web applications

THE STATE OF MEDIA SECURITY HOW MEDIA COMPANIES ARE SECURING THEIR ONLINE PROPERTIES

Distributed Denial of Service (DDoS)

Security Automation. Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis

NETWORK DDOS PROTECTION STANDBY OR PERMANENT INFRASTRUCTURE PROTECTION VIA BGP ROUTING

WEB DDOS PROTECTION APPLICATION PROTECTION VIA DNS FORWARDING

The F5 Intelligent DNS Scale Reference Architecture

2nd SIG-NOC meeting and DDoS Mitigation Workshop Scrubbing Away DDOS Attacks. 9 th November 2015

Downtime by DDoS: Taking an Integrated Multi-Layered Approach. Arbor Solution Brief

DDoS: STRATEGIES FOR DEALING WITH A GROWING THREAT

Comprehensive datacenter protection

IPv6 Industry Survey Results

Enterprise D/DoS Mitigation Solution offering

SYMANTEC ENTERPRISE SECURITY. Symantec Internet Security Threat Report September 2005 Power and Energy Industry Data Sheet

Transform your network and your customer experience. Introducing SD-WAN Concierge

` 2017 CloudEndure 1

SOTI SUMMER [state of the internet] / security ATTACK SPOTLIGHT

Deploying a Next-Generation IPS Infrastructure

OSSIR. 8 Novembre 2005

INVESTOR PRESENTATION

Transcription:

Attacchi informatici: Strategie e tecniche per capire, prevenire e proteggersi dagli attacchi della rete Analisi degli attacchi DDOS e delle contromisure Alessandro Tagliarino 0

WHO IS ARBOR NETWORKS? 17 Number of years Arbor has been delivering innovative security and network visibility technologies & products #1 Arbor market position in Carrier, Enterprise and Mobile DDoS equipment market segments > 110 100% Percentage of world s Tier 1 service providers who are Arbor customers Number of countries with Arbor products deployed 25% Amount of global traffic monitored by the ATLAS security intelligence initiative right now! http://digitalattackmap.com pag. 2

Overview This presentation provides a summary of the results of Arbor Networks 12 th annual Worldwide Infrastructure Security Report (WISR) The WISR documents the collective experiences, observations and concerns of the operational security community in 2016 plus forecasts for the coming year The WISR has changed immeasurably in terms of its scope and scale over 12 years, but the core goal is still to provide real insight into infrastructure security from an operational perspective pag. 3

Survey Demographics SP respondents : 51% Tier 2/3 operators & 25% Tier 1 EGE respondent : 61% enterprise, 35 % education & 14% government Enterprise: 32% banking/ finance up from 18% last year. Technology, automotive/transportation and manufacturing are also well represented, rounding out the top 4 Geographic Split: 32% North America, 28% Europe, 23% APAC, 10% Middle East/Africa & 7% LATAM pag. 4

Things You Should Know About DDoS Attacks Its never been easier to launch a DDoS attack. DDoS attacks are increasing in size, frequency and complexity. DDoS attacks are used as smoke screens or forms of diversion during advanced threat campaigns 2. One Of the Top 3 causes of unplanned outages, DDoS attacks are the most costly to an organization 3 $5:$100sK DDoS for Hire Did You Know? For $5/hr anyone can launch a DDoS attack an cause $100sK in damage 800Gbps DDoS attack size increasing 1 74% involved DDOS as a diversion 2 78% 42% experienced multivectored attacks 1 Increase in demand for DDoS Protection services 1 pag. 5

Scale : Volumetric Attacks Increase Largest attack reported was 800 Gbps with other respondents reporting attacks of 600 Gbps, 550 Gbps, and 500 Gbps One third of respondents report peak attacks over 100Gbps 41% of EGE respondents and 61% of data-center operators reported attacks exceeding their total Internet capacity pag. 6

Scale : The ATLAS Perspective Peak monitored attack of 579Gbps, 73% growth from 2015 558 attacks over 100Gbps, 87 over 200Gbps Compared to 223 and 16 in 2015 20% of attacks over 1Gbps, as opposed to 16% in 2015 Average attacks size now 931Mbps, up from 760Mbps, a 23% increase pag. 7

Scale: Driving Factors, IoT The Problem Almost every piece of technology we buy is connected Devices are designed to be easy to deploy and use, often resulting in limited security capabilities Software is very rarely upgraded. Some manufacturers don t provide updates, or the ability to install updates The Result First high-profile attack using IoT devices Christmas 2013, using CPE and webcams In 2016 Botnet owners started to recruit IoT devices en mass Attacks of 540Gbps against the Olympics, 620Gbps against Krebs, Dyn etc.. pag. 8

Scale: Driving Factors, Mirai Mirai is designed to infect and control IoT devices and contains the code necessary to manage and build large-scale botnets Billions of IoT devices connected to the Internet Estimates vary, 5B+, with millions added every day Arbor honeypot devices look for exploit activity on Telnet / SSH ports 1M login attempts from 11/29 to 12/12 from 92K unique IP addresses More than 1 attempt per minute in some regions pag. 9

Scale: Driving Factors, Reflection Amplification Reflection Amplification attacks continue, but there has been some cyclic change in the protocols favored by attackers. Strong growth in the use of DNS (again) through 2016 Largest monitored attack of 498.3Gbs, a 97% jump from last year DNS and NTP attacks over 400Gbps, Chargen over 200Gbps pag. 10

Complexity : Attack Types Service Provider Attack Types EGE Attack Types Volumetric attacks still represent the majority of activity for both SP and EGE respondents. 95% of SP report applications layer attacks, 93% last year, 90% in 2014 67% of SP report multi-vector attacks, 56% last year, 32% in 2014 pag. 11

Complexity : Targeted Services EGE Service Targets SP Service Targets DNS and HTTP the most common services targeted by application layer attacks Majority of SP and EGE respondents also see attacks targeting HTTPS 57% of EGE respondents see attacks targeting the application behind HTTPS Much higher than the 22% seen by SPs Cipher suites that prevent traffic inspection are a key problem pag. 12

Frequency : Up Across the Board EGE 53% of SPs see more than 51 attacks per month, up from 44% 21% of data-centers see more than 50 attacks per month, up from 8% 45% of EGE see more than 10 attacks per month, up from 28% ATLAS is tracking 135,000 Volumetric attacks per week. pag. 13

Motivations: Many and Varied SPs see Online Gaming and Hackivismas top motivations EGE see Ideological Hacktivism and Extortion as top 26% of EGE see DDoS for distraction, up from 12% pag. 14

Impact : Targets SPs see Government, Finance and Hosting as top targets SPs seeing attacks on cloud services drops from one third to one quarter 42% of EGE respondents experienced an attack 63% of finance, up from 45% 53% of government, up from 43% pag. 15

Impact : Data Center Nearly three quarters of data center respondents saw between 1 and 20 attacks that impacted their service in 2016 Operational expenses are top business impact Significant increase in revenue loss, up from 33% to 42% 23% estimate cost of a significant attack over $100K, 5% estimate over $1M pag. 16

Mitigation : SPs Continue to Impress 83% of SPs use IDMS to mitigate DDoS attacks Use of IDMS and D/RTBH are both increasing 77% of SPs mitigate attack in less than 20 minutes 27% mitigate automatically 78% of SPs see more demand from customers, up 4 percent over last year Government, Finance, ecommerce and Hosting are driving demand pag. 17

Mitigation : Data Center Improves 60% use IDMS 40% use firewalls down from 71% pag. 18

Mitigation : EGE Improves Firewalls, IPS/WAF and ACLs most common 35% use cloud DDoS mitigation Up from 28% 30% use layered DDoS mitigation Up from 23% titolo pag. 19

SP Organizational Security Nearly half of SPs now implement anti-spoofing filters Rehearsing DDoS attack processes and procedures is key 10% increase in SPs running simulations, 37% do this quarterly EGE 55% now run simulations, 40% do this quarterly Difficulty in hiring and retaining personnel remains a key issue for both SP and EGE respondents pag. 20

Q&A titolo pag. 21

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback