Many people are now asking the question, were the 2016 DDoS attacks just warm-up drills or test runs for even larger attacks that would cripple large parts of the Internet? The potential certainly exists; is it probable?
Business depends upon Internet reliability and security, so when it comes to choosing your Internet Service Provider (ISP), it pays to ask the right questions. Given the prevalence of DDoS attacks, one can no longer assume that that your Internet service will be 1) always reliable or 2) “clean.”
What challenges and changes will 2017 bring to the DDoS threat landscape? And why is there reason to be optimistic that the number of volumetric DDoS attacks will decrease in the next few years? Read our predictions for 2017.
In the wake of so many DDoS attacks in recent months/years, many enterprises and agencies are seeking ways to protect themselves from such attacks, and the burden of stopping DDoS attacks should fall mostly on Internet Service Providers and Hosting Providers.
Short DDoS attacks might seem harmless, in that they don't cause extended periods of downtime. But IT teams who choose to ignore them are effectively leaving their doors wide open for ransomware attacks or other more serious intrusions.
In reference to the massive DDoS attack on Dyn, some telecommunications industry experts recently gathered to discuss the issue of “Net Neutrality,” an important and sensitive issue for Internet Service Providers.
Most of the time, Cyber Monday attacks have taken the form of phishing scams and theft of data such as credit card numbers and email addresses. There have not been many major DDoS attacks on Cyber Monday, but with the way DDoS attack trends are going, there is still reason for concern.
Hosting providers and/or the tenants they serve experience distributed denial of service (DDoS) attacks on a daily basis. Some attacks are large and noticeable, but the vast majority go unnoticed unless the provider has a granular DDoS detection solution.
The now infamous DDoS attack on DNS provider DYN broke records for the sheer size of the attack. Unfortunately, the scale of that attack is likely to become commonplace in the near future because of a perfect storm of four trends brewing in cyberspace.
The Corero research team has discovered a new distributed denial of service (DDoS) Reflection/Amplification attack vector that leverages Connectionless Lightweight Directory Access Protocol (CLDAP UDP:389).
Websites across the East Coast were impacted as a result of a reported DDoS attack against a well-known DNS provider’s Infrastructure. The online availability of popular brands such as Twitter, Spotify, Basecamp, Netflix and a laundry list of others were impacted.
In the run-up to the US election, we can expect to see more and more of the types of DDoS attack that took Newsweek offline last week. However, these attacks can easily be defeated by service providers, at the network edge.
Despite its advantages, the Internet of Things (IoT) comes with a host of security disadvantages, allowing hackers to harness connected devices for a variety of nefarious purposes, including DDoS attacks.
Having been in the business of DDoS protection for many years, Corero has seen plenty of bad advice thrown around by various cyber pundits. Below we have put together 6 common myths around DDoS protection, and our response to them.
Researchers from Ben Gurion University in Israel recently discovered that cyber criminals could launch a telephony denial-of-service (TDoS) attack that could take over thousands of smartphones to form a zombie army of botnets that would automatically dial repeated calls to a 911 system.
Of all the cyber threats today, distributed denial of service (DDoS) ransom attacks and ransomware are high on the list of IT security concerns because they are growing more common and they are expensive to remediate.
A new study published by international consulting firm KPMG and telecoms group BT recommends that businesses collaborate with telecom companies, Internet Service Providers, banks, credit-card providers, insurers and the security industry in a concerted effort to improve cyber security.
Recent DDoS attacks on Blizzard and EA servers highlight the vulnerability of the online gaming industry. Fortunately, gaming companies— or, for that matter, all companies that rely on a continuous online presence— now have better choices that can deliver near-instantaneous protection.
Ransomware, Trojans, Malware, and distributed denial of service (DDoS) attacks are some of the most common types of threats. Each has different vectors and flavors, and each brings its own risks and costs. IT pros clearly need multiple layers of security, but which layers are most important?
After the DDoS attack on Australian Bureau of Statistics, what can we learn from it? The incident highlights the importance of having DDoS protection at the network perimeter, as well as reliable analytics and clear visibility in the event of a DDoS attack.
New research presented at the Black Hat conference indicates that DDoS DNS amplification attacks are now more likely to use SSDP than NTP, and that DDoS attacks may generally be smaller than are commonly reported.
Recent research found that cyber attackers can launch DDoS attacks by abusing improperly configured DNSSEC (Domain Name System Security Extensions) domains. Learn how to protect your network, whether it includes DNS service or not.
If your water utility delivered contaminated water into your home, you’d probably complain; of course consumers expect clean, potable water from their water utilities. Likewise, enterprise customers have begun to realize that “dirty” Internet traffic threatens their availability, security and bottom line, so they increasingly demand “clean pipe” from their Internet Service Providers (ISPs).
When the Rio Olympic Games began last week, several websites associated with the Games and the Brazilian government were hit by DDoS attacks. But beware; hackers don't attack only high-profile websites.
This year the leading conference for hosting providers featured an emphasis on cyber security and network protection, with many attendees interested in adding DDoS mitigation to their portfolio of services.
A DDoS attack on an Internet Service Provider (ISP) earlier this week crippled Internet service throughout Mumbai, India, which clearly demonstrated why it’s so important for ISPs to have DDoS protection.
There is no shortage of cyber threats, but there is a shortage of trained IT security personnel to guard against them. With automated DDoS mitigation in place, IT security staff would have more time to handle other cyber security threats.
The popularity of the online game Pokémon GO has exploded like wildfire in a matter of days (as anyone who does not live under a rock knows). It took only a few days for cyber hackers to find a way to cripple the online game with two apparently separate DDoS attacks that caused service disruptions and outages.
New anti-DDoS technology is not only more effective than ever, it’s also more affordable. Here's a list of five tips to guide hosting providers in their strategy to protect their networks and their customers’ networks from DDoS.
From historic DDoS attacks against the PlayStation Network to the recent sustained attacks against Blizzard, DDoS attacks have become such a regular occurrence in the gaming industry that it has almost become an accepted part of the culture. This blog looks at a few commonalities that indicate how and why these attacks occur.
Most DDoS attacks are not large, volumetric attacks, and DDoS hackers target all kinds of organizations, not only big, household name companies or government agencies. No website or online application is immune to DDoS, and any size DDoS attack is cause for alarm. You see, DDoS is not just a web availability issue; it’s a security issue.
Corero polled over 100 IT security professionals at the Infosecurity Europe 2016 conference in London last month, and the survey shows that UK businesses are not only worried about DDoS attacks, they want better protection from their Internet Service Providers.
If you’re doing research about DDoS protection solutions there are many choices out there, and it can be challenging to find the solution that best fits your organization. Learn about the pros and cons of scrubbing service vs. cloud-based mitigation vs. DDoS mitigation appliances.
A massive botnet DDoS attack, composed of approximately 25,500 compromised closed-circuit television (CCTV) systems, has been ongoing for the past few weeks, attacking various businesses across the globe. A firewall offered no protection.
A new report from Cisco includes data on DDoS attacks worldwide, citing increased size and frequency of attacks. However, Corero finds that the vast majority of attacks targeting customers are 1Gbps or less in size.
Retaining and growing accounts for existing customers is much easier than gaining new ones, particularly in the telecommunications industry, which has significant turnover. But which technologies offer the greatest opportunities for this kind of advancement?
A recent KPMG study showed that 1 in 10 banking executives didn't know if their bank had been hacked. Bank executives need to realize how easily hackers breach networks by using Dark DDoS attacks as a smokescreen.
In mid-May three senators on Capitol Hill introduced a bill (S.2931 - Botnet Prevention Act of 2016) that aims to give law enforcement and the courts more teeth when it comes to going after cybercriminals, especially those that launch botnet-drive DDoS attacks. It's a nice idea, but will it work?
In a recent survey, 30% of respondents said their enterprise relies on traditional security infrastructure products (firewall, IPS, load balancers) to protect their businesses from DDoS attacks. Unfortunately, those companies are still very vulnerable to DDoS attacks.
It's a challenge for network security professionals to detect, never mind block, every intrusion. What’s troubling is how much time it can take for an organization to realize that its security system has been breached.
At last week's Big Communications Event, the annual gathering of experts in the telecoms and communications industry, one major topic was how to secure the provider network and protect downstream customers from cyber threats.
Human intervention is insufficient for most cyber security attacks because humans can’t immediately see every attack, and they certainly can’t respond fast enough (in real time) to block all infiltrations.
Human intervention alone is no longer sufficient to stop cyberattacks. However, it’s important to recognize that not all software techniques that are automatic or reactive should be classified as Artificial Intelligence.
When evaluating an Internet Service Provider, it’s important to consider the quality, as well as quantity, of bandwidth it offers. How effectively a provider protects its customers from Distributed Denial of Service (DDoS) attacks can have a dramatic impact on the quality of Internet service.
If your organization is debating the merits of a DDoS protection appliance compared to a DDoS scrubbing service, this blog post offers a short explanation of the key differences between these types of DDoS solutions.
Corero’s latest product, the SmartWall® Threat Defense - Virtual Edition (vNTD Monitor), allows service providers who are looking to scale out their security analytics environment to simply “drop” security visibility into any part of their network to analyze the nature of a threat.
This week ushered in several news articles about recent DDoS extortions that turned out to be scams conducted by some hackers who pretended to be part of the Armada Collective. Some businesses paid the ransom fee, but they could have avoided the entire problem if they had adequate DDoS protection in place.
Hosting providers face increasing pressure to prevent DDoS attacks from infiltrating their networks. Here are three primary reasons why providers need to implement DDoS protection, and three benefits they'll gain from doing so.
Last week the Janet Network, the government-funded educational network used by many universities in the United Kingdom, experienced another serious DDoS attack. Universities can’t afford to adopt a “whack-a-mole” approach to DDoS attacks. They need real-time, automatic protection against DDoS attacks to protect network services, maintain availability and protect users and their confidential data.
FierceMarkets and Corero jointly published a new research report based on a survey of ISPs and enterprise customers regarding DDoS mitigation strategies. The report discusses not only the traditional methods of DDoS mitigation, but also the rationale of some ISPs who have not yet adopted more effective anti-DDoS technology.
There are millions of connected devices that comprise the Internet of Things (IoT), which leads to many security weaknesses that DDoS hackers can leverage. By using amplification techniques on the millions of very high bandwidth density devices currently accessible, such as baby video monitors and security cameras, DDoS attacks are set to become even more colossal in scale.
For today’s internet-driven businesses, any service degradation or outage can have a detrimental impact on brand, customer loyalty and the bottom line. Increasingly, such incidents are being caused by Distributed Denial of Service (DDoS) attacks, and this is one area where telecoms can take leadership.
The majority of hosting provider customers expect the provider to ensure “clean pipe.” Here's a summary of a webinar that we co-presented with Web Host Industry Review (WHIR), which discusses how hosting providers can implement the most comprehensive level of DDoS protection to eliminate DDoS attack traffic from their networks, and offer that DDoS protection as a value-added service to their customers.
Cyber attacks are on the rise, affecting all kinds of organizations, yet there is a shortage of cybersecurity employees who know how to prevent and manage cyber threats. Small to medium-sized businesses are increasingly turning to Managed Security Service Providers (MSSPs) for help.
Corero SmartWall® Threat Defense System (TDS) earned a top position in the latest NSS Labs DDoS Prevention Group Test, earning the coveted “Recommended” rating, with high performance in all test categories.
We've released the results of our annual DDoS Impact Survey, which polled technology decision makers, network operators and security experts about key DDoS issues and trends that Internet service providers and businesses face in 2016. Nearly half (45%) of the survey participants indicated that loss of customer trust is the most damaging consequence of DDoS attacks to businesses. See our infographic that sums up rest of the survey results!
Researchers in Scotland have found a new vector for DDoS amplification attacks: the TFTP protocol (Trivial File Transfer Protocol). Thus far it appears that hackers have not relied heavily on the TFTP protocol; however, you can be sure it will become popular with DDoS attackers.
Many organizations aren’t even aware of when their sites are experiencing a DDoS attack, because the majority of attacks are under 1 Gbps, and are perceived as only annoying “noise” in the IT background; the attacks are not large enough to get the attention of IT security staff. That doesn’t mean they should be ignored, however. Unseen, low-level DDoS attacks cause two problems.
Staminus, a global hosting and Web security firm, suffered a major blow late last week when it became the victim of a security breach. Staminus is a hosting provider and provider of cloud-based DDoS mitigation services.
Give the U.S. federal government credit for attempting to find more broad-based solutions to the global problem of DDoS attacks. We reported a few months ago that DARPA is soliciting research projects on innovative ways to create resilient defenses against DDoS attacks. Now the Department of Homeland Security (DHS) is getting in on the act as well.
DDoS attacks come in various forms, and hackers have become more sophisticated by launching blended attacks that combine three, four or five types of attacks at the same time. Fortunately, the Corero SmartWall Threat Defense System (TDS) defends against all of them. A recent 75Gbps combined ACK and SYN flood attack on a Corero customer illustrates this point.
In a recent webinar hosted by IHS on “Service Provider Deployment of DDoS Mitigation,” Stephen Clark, Director of IP Networks at Telesystem, explained that Block Communications implemented the Corero SmartWall® Threat Defense System on each of its vital interconnects to Tier 1 providers. The solution is in-line deployment of automatic DDoS mitigation that stops malicious traffic at the peering edge. “We can protect our networks at the gate, in real-time,” said Clark.
Last week we announced a new product: vNTD Monitor, which provides the freedom and flexibility to monitor DDoS activity in real-time against any server, application or network. This industry-leading technology provides visibility of attack traffic, intuitive analytics and alerting of DDoS attack vectors targeting a system or workload.
Xbox Live is again making headlines, but not in a good way. Earlier this week the company suffered various service outages that kept thousands of Xbox gamers at bay. The rumor—unconfirmed by Xbox Live—is that the outages may have been caused by a series of distributed denial of service (DDoS) attacks. Regardless of whether this incident was caused by a DDoS attack, it is well-known that DDoS hackers love to wreak havoc with online gaming companies.
In the typical service provider network today, security is often an afterthought; after building the network, engineers typically add encryption and firewalls, neither of which is sufficient to protect against the increasing malware and DDoS attacks that plague networks and service functions.
Whether they are online enterprises, hosting providers or Internet service providers, companies need 24/7 insight into their network security, particularly regarding DDoS attacks and other cyber threats that target their Internet-facing services.
The “2016 Cost of Data Center Outages Report,” published recently by Emerson Network Power in conjunction with the Ponemon Institute, states that unplanned data center outages cost companies nearly $9,000 per minute, and the second most common cause of outages was cybercrime, specifically Distributed Denial of Service (DDoS) attacks.
There are two aspects of fighting DDoS attacks. One is remediation—stopping the attack when it comes in. Corero and other providers have this part of the equation covered. The other aspect of stopping attacks has to do with law enforcement, which can be done only with the help and support of the victim companies.
Distributed denial of service (DDoS) attacks are clearly on the rise: growing in size, sophistication and frequency. Any type of website can be preyed upon by a DDoS attacker, and several high-profile websites have been hit in recent weeks, ranging from corporate enterprises and government agencies to educational institutions. In this blog post Corero COO Dave Larson answers questions about these troubling trends.
Corero's Security Operations Center* team monitors various customer websites 24/7, 365 days per year. They regularly see DDoS attacks in real-time, many of which are so small that they would be unnoticed by the customer if not for the Corero SmartWall® Threat Defense System (TDS). However, they also see very large, multi-vector attacks in progress. This blog includes sample reports of high-volume, multi-vector attacks detected and mitigated in real-time by the SmartWall® Threat Defense System.
Now that DDoS mitigation solutions are more affordable and scalable, there is opportunity to not only save on operational and bandwidth costs, but also to generate new revenue. Service providers can turn mitigation structure around to re-sell it as a service to their customers downstream.
Cyber insurance is not a substitute for making smart investments in cyber security and following industry best practices. However, it is an important part of almost any business's risk mitigation strategy.
Whether motivated by greed, cheap thrills or politics, DDoS hackers wreak havoc on websites. The best protection is prevention: defensive solutions that can detect and stop DDoS hackers in their tracks before they do any damage.
Hacktivism is on the rise as a motivation behind numerous DDoS attacks. For whatever reason, groups like Anonymous, Lizard Squad, Syrian Electronic Army, Chaos Computer Club and others believe they can intimidate corporations, government agencies, and other institutions by knocking these entities' websites offline for a period of time. One of the latest victims of a hacktivist attack is the Japanese carmaker Nissan.
Corero is pleased to note that one of our customers, InMotion Hosting, has won PC Mag’s Editor’s Choice Award for The Best Web Hosting Services for 2016. One of the key factors for the win was uptime, which is increasingly recognized as the most important feature that hosting providers must offer to website customers. After all, if a customer’s website goes down, it’s difficult, if not impossible, for that customer to conduct business.
High profile DDoS attacks rang in the new year in full force, starting 2016 with a flood (no pun intended) of activity. The morning of New Year’s Eve, BBC websites and other associated online services went dark due to a DDoS attack. Since the outage, hacker group “New World Hackers” have stepped forward claiming responsibility, indicating that the attack was carried out as a “test of its capabilities”.