Keep eCommerce Thriving in a Hostile World
In the 21st century, online commerce is the lifeblood of business around the globe. Retailers and other suppliers of goods and services depend on the Internet, whether they are purely online or combine Internet and brick-and-mortar business. They sell products and services to customers, transact business with partners and suppliers, and provide information and support at the click of a mouse or tap on a smartphone. Customers and other eCommerce constituents conduct their business in the expectation that the site will be fast, responsive and always available on demand, and with confidence that their information is secure.
Unfortunately, legitimate companies are not the only ones taking advantage of the tremendous business opportunities that can be realized on the Internet. Criminals were quick to gravitate to the 'Net as soon as business volume and the value of the transactions conducted online reached critical mass. There is big money and therefore big criminal opportunity online.
Criminal Threats: DDoS Attacks...
eCommerce companies depend on availability and responsiveness on their customer-facing sites. When a distributed denial of service (DDoS) attack strikes, thousands, even millions of dollars can be lost if service is slowed and customers lose patience, or the site goes down. Extended service interruptions can be catastrophic, both in terms of actual loss and damage to the corporate brand.
eCommerce has become a way of life for millions of customers who depend on their computers and mobile devices to buy products and services, and obtain product information and support. But as the company serving those customers, you have to contend with the constant threat of intentional attacks designed to disrupt the Internet services that are your business. If your site is down, they may well go to a competitor. Disruption of that service for any extended period, as we have seen, impacts business and severely undermines customer confidence. Recent DDoS attacks have hit Amazon, PayPal, Visa, Sony PlayStation Network and MasterCard, among others.
DDoS is on the rise: Gartner reports a 30% increase in attacks in 2010, and continued increase in 2011.
Criminals seeking profit are not the only threat. Hacktivist groups such as Anonymous and LulzSec (or any capable splinter groups or individuals) launch DDoS attacks over a political position, what they deem unfair or unethical business practices, or whatever perceived affront may motivate them. Extortion under threat of DDoS attack, unscrupulous competitors seeking to undermine your company and pure malicious behavior for its own sake also continue to be very real sources of DDoS.
Among the most prevalent contemporary DDoS attacks are application layer or connection-based attacks. Unlike the more familiar network layer flooding attacks, such as SYN Floods, application layer attacks are insidious: They appear to be normal requests to the website and don't overwhelm network devices, firewalls and servers with conspicuously huge volumes of traffic.
... and Information Breach
Companies doing business online are entrusted with and responsible for thousands, often millions of customer records, including account credentials, credit cardholder data and personally identifiable information. Online companies are required to protect these records against unauthorized access under compliance mandates such as PCI DSS and state data breach notification laws, as well as their obligations to customers and partners. The average total cost of a single data breach was more than $7.2 million in 2010, according to a survey by the Ponemon Institute.
Organized criminals employ hacking techniques and malware to commit data theft, extortion, identity theft and fraud. The crimes are as old as civilization, but the methods are adapted to the times and the impact is devastating. One 2009 report estimated cyber crime cost businesses $1 trillion annually, and that figure is sure to be much higher because of under-reporting and the growth of Internet crime. Cyber crime attacks are now listed as the FBI's third highest priority, behind terrorism and espionage.
The 2011 Verizon Data Breach Report, which analyzes some 800 breach investigations by Verizon and the U.S. Secret Service, found that nine out of 10 breaches involved external agents (a 22% increase over the 2010 report), indicating a continued, even growing need for protection against outside attacks. Half the attacks involved some type of malware (an 11% increase), again underscoring the need for improved network security.
Online companies are victimized by both mass, automated attacks that exploit targets of opportunity, and targeted attacks exploiting unpatched and previously unknown (zero-day) vulnerabilities. Smaller companies are being targeted on the assumption that their security is weaker and that the risk is small compared to the reward.
Corero Network Security Solutions
Corero Network Security provides superior solutions that protect eCommerce companies against both DDoS attacks and intrusions aimed at stealing sensitive corporate and customer information.
DDoS Defense System
Corero DDoS Defense System (DDS), leveraging Corero's award-winning technology, delivers nondisruptive protection from attacks against the networks and servers that support eCommerce. It provides maximum protection for critical IT assets, detecting and blocking malicious traffic while allowing full access to legitimate users and applications. DDS keeps eCommerce sites up and available at full service levels.
Corero's DDS delivers unmatched DDoS attack detection and mitigation against both the well-known network layer flooding attacks and the more insidious application layer attacks that are nearly impossible to detect without patented Corero technology. DDS delivers on-premise protection that traditional network security technologies, such as firewalls and other vendors' IPS, cannot. Corero provides a level of security that goes beyond dealing with DDoS by simply buying more bandwidth, which is expensive and useless against application attacks. "Clean pipe" and "black hole routing" techniques that may be used by your ISP or cloud-based anti-DDoS provider are not as effective as dedicated Corero on-premise solutions and are blind to insidious application layer attacks.
In concert with DDS, SecureWatch PLUS DDoS defense configuration/implementation, 24/7 monitoring and incident response services provide the most comprehensive DDoS defense available on the market.
Intrusion Prevention System
Corero's Intrusion Prevention System (IPS) solution provides continuous, comprehensive protection against external attacks, leveraging unique technology that discerns between legitimate and malicious traffic, providing more accurate detection and fewer false positives than other IPS products. Corero uses stateful protocol inspection and inspection of payload data files to determine if suspect traffic is behaving correctly or represents a threat.
Corero IPS features bidirectional traffic inspection, enabling response behavior analysis, in order to stop application layer attacks and detect compromised computers communicating with their command-and-control servers.
Corero solutions provide a high level of visibility into network activity and help meet internal audit and regulatory compliance requirements through their Network Security Analyzer (NSA), a security information and event management tool. NSA provides robust and highly flexible logging, reporting and forensics capabilities.
eCommerce companies can deploy both the Corero DDS and IPS solutions inline in full confidence that they will maintain full levels of performance and service, which are absolutely critical to successful online business operations. Corero appliances offer the lowest latency and highest reliability of any security products available on the market today. Corero's Core Platform, built on the purpose-built Tilera multicore processor architecture and CoreOS, provides real-world protection at real-world performance levels.
Corero’s First Line of Defense® is an organization’s new perimeter. It stops the latest breed of cyber-attacks, including DDoS attacks, zero-day exploits, remote exploit insertions, server targeted threats and access attempts from malicious IP addresses and unwanted geo-locations, all of which easily bypass traditional network security defenses and compromise enterprise networks.