With 16 years of experience in B2B enterprise software marketing, Joy Reo conducts lead nurturing and content generation programs at Corero to help the company increase brand awareness, lead generation and market share.
Academics from the University of Twente (Netherlands); UC San Diego (USA); and Saarland University (Germany) recently conducted research that found that one-third of all /24 networks have suffered at least one DoS attack over the last two years. The research also found that “an average of 3% of the Web sites in .com, .net, and .org were involved with attacks, daily.”
Local municipal police forces seldom have the resources to track down cyber criminals, but the U.S. federal government has resources, and they want to help stem the surge of distributed denial of service (DDoS) attacks. Last week the U.S. Federal Bureau of Investigation (FBI) issued an appeal to organizations that have been victims of DDoS attacks to share details and characteristics of those incidents with an FBI Field office and the IC3.
Enterprises need to consider that even if they have protection against distributed denial of service (DDoS) attacks, their business could be taken offline if their Internet Service Provider (ISP), hosting provider or Domain Name Service (DNS) provider does not have adequate DDoS protection.
This past spring American International Group (AIG), one of the largest cyber insurance companies, surveyed cyber security and risk experts to gain a deeper understanding of their views of the likelihood and impact of a systemic cyber-attack.
According to Corero’s recent DDoS Trends Report, Corero customers experienced an average of 124 attacks per month in the first quarter of this year (Q1 2017); that’s an increase of 9% compared to Q4 2016. In addition, 79 percent of DDoS attacks that Corero mitigated among its global customer base were less than 1Gbps in volume in Q1 2017. 98 percent of attacks were 10Gbps or less in volume.
U.S. federal law enforcement and computer security agencies recently released a rare security alert, citing that a North Korean hacking group is actively targeting media, aerospace, financial, and critical infrastructure sectors in the United States and around the world. The hackers are believed to have used a botnet creation malware called DeltaCharlie to launch DDoS attacks.
It’s hardly surprising that DDoS attacks finally caught the attention of politicians; it was just a matter of time until a DDoS attack affected a government agency. A combination of events has led to more awareness of cyber threats, including DDoS attacks.
Internet service providers are increasingly treated more like public utilities than consumer services; will government regulations require that they block DDoS traffic? That remains to be seen. Ultimately the demands of enterprises and consumers may have more influence than any government regulations. The business landscape may require ISPs to provide DDoS protection, if only to protect themselves from litigation.
The British House of Commons issued a report last week, indicating the possibility that hackers from Russia or China launched a DDoS attack that crashed the United Kingdom's voter registration website before the deadline to register for the historic Brexit vote. Was that the likely cause of the crash, and could something similar happen in the US?
A recent study by BitDefender showed that 34 percent of companies in the U.S. were breached in the past year, and 74 percent of the victims don’t know how it happened. Companies must realize that DDoS attacks are often part of the toolkit for cyber criminals to launch a security breach.
Anti-DDoS technology has often been difficult or costly for individual organizations to deploy. Fortunately, DDoS defense solutions have evolved, enabling hosting providers and ISPs to offer affordable DDoS protection to their customers.
Some companies are keenly aware of attacks on their networks, but other companies are not. Even in some companies that have dedicated IT security staff and systems in place, major security breaches have occurred. It can take months or even years for an organization to realize that it has been breached.
Anti-DDoS solutions have evolved dramatically over the past few years, so it’s surprising to see occasional articles that still recommend outdated approaches, such as remote black holing (also called null routing) to stop unwanted traffic.
Security researcher Brian Krebs believes he has unraveled the mystery of who launched a massive Mirai botnet DDoS attack on his site in September of 2016. If Krebs’ allegation is true, then this is a seamy tale of a good programmer who went bad: a white hat turned into a black hat.
On its own, a DDoS attack is not a security breach; however, it can pose a serious data security risk for hosting providers and others. Learn why IT security teams cannot afford to ignore DDoS threats, no matter how small the attacks may be.
Most hosting providers experience DDoS attacks on a nearly daily basis, even if they are typically not volumetric attacks that drag down an entire network. When a hosting provider gets hit with a volumetric attack, the ramifications can be far-reaching and long-lasting.
Law enforcement is at a disadvantage against hackers, mostly because distributed denial of service (DDoS) attacks leave little or no trace of evidence. However, police have made some arrests recently, which counts as a tiny bit of progress in the uphill battle against cyber criminals.
Many people are now asking the question, were the 2016 DDoS attacks just warm-up drills or test runs for even larger attacks that would cripple large parts of the Internet? The potential certainly exists; is it probable?
In reference to the massive DDoS attack on Dyn, some telecommunications industry experts recently gathered to discuss the issue of “Net Neutrality,” an important and sensitive issue for Internet Service Providers.
Most of the time, Cyber Monday attacks have taken the form of phishing scams and theft of data such as credit card numbers and email addresses. There have not been many major DDoS attacks on Cyber Monday, but with the way DDoS attack trends are going, there is still reason for concern.
Hosting providers and/or the tenants they serve experience distributed denial of service (DDoS) attacks on a daily basis. Some attacks are large and noticeable, but the vast majority go unnoticed unless the provider has a granular DDoS detection solution.
Ransomware, Trojans, Malware, and distributed denial of service (DDoS) attacks are some of the most common types of threats. Each has different vectors and flavors, and each brings its own risks and costs. IT pros clearly need multiple layers of security, but which layers are most important?
If your water utility delivered contaminated water into your home, you’d probably complain; of course consumers expect clean, potable water from their water utilities. Likewise, enterprise customers have begun to realize that “dirty” Internet traffic threatens their availability, security and bottom line, so they increasingly demand “clean pipe” from their Internet Service Providers (ISPs).
When the Rio Olympic Games began last week, several websites associated with the Games and the Brazilian government were hit by DDoS attacks. But beware; hackers don't attack only high-profile websites.
A DDoS attack on an Internet Service Provider (ISP) earlier this week crippled Internet service throughout Mumbai, India, which clearly demonstrated why it’s so important for ISPs to have DDoS protection.
The popularity of the online game Pokémon GO has exploded like wildfire in a matter of days (as anyone who does not live under a rock knows). It took only a few days for cyber hackers to find a way to cripple the online game with two apparently separate DDoS attacks that caused service disruptions and outages.
New anti-DDoS technology is not only more effective than ever, it’s also more affordable. Here's a list of five tips to guide hosting providers in their strategy to protect their networks and their customers’ networks from DDoS.
Most DDoS attacks are not large, volumetric attacks, and DDoS hackers target all kinds of organizations, not only big, household name companies or government agencies. No website or online application is immune to DDoS, and any size DDoS attack is cause for alarm. You see, DDoS is not just a web availability issue; it’s a security issue.
A massive botnet DDoS attack, composed of approximately 25,500 compromised closed-circuit television (CCTV) systems, has been ongoing for the past few weeks, attacking various businesses across the globe. A firewall offered no protection.
A recent KPMG study showed that 1 in 10 banking executives didn't know if their bank had been hacked. Bank executives need to realize how easily hackers breach networks by using Dark DDoS attacks as a smokescreen.
In a recent survey, 30% of respondents said their enterprise relies on traditional security infrastructure products (firewall, IPS, load balancers) to protect their businesses from DDoS attacks. Unfortunately, those companies are still very vulnerable to DDoS attacks.
It's a challenge for network security professionals to detect, never mind block, every intrusion. What’s troubling is how much time it can take for an organization to realize that its security system has been breached.
Human intervention is insufficient for most cyber security attacks because humans can’t immediately see every attack, and they certainly can’t respond fast enough (in real time) to block all infiltrations.
This week ushered in several news articles about recent DDoS extortions that turned out to be scams conducted by some hackers who pretended to be part of the Armada Collective. Some businesses paid the ransom fee, but they could have avoided the entire problem if they had adequate DDoS protection in place.
Last week the Janet Network, the government-funded educational network used by many universities in the United Kingdom, experienced another serious DDoS attack. Universities can’t afford to adopt a “whack-a-mole” approach to DDoS attacks. They need real-time, automatic protection against DDoS attacks to protect network services, maintain availability and protect users and their confidential data.
There are millions of connected devices that comprise the Internet of Things (IoT), which leads to many security weaknesses that DDoS hackers can leverage. By using amplification techniques on the millions of very high bandwidth density devices currently accessible, such as baby video monitors and security cameras, DDoS attacks are set to become even more colossal in scale.
For today’s internet-driven businesses, any service degradation or outage can have a detrimental impact on brand, customer loyalty and the bottom line. Increasingly, such incidents are being caused by Distributed Denial of Service (DDoS) attacks, and this is one area where telecoms can take leadership.
Cyber attacks are on the rise, affecting all kinds of organizations, yet there is a shortage of cybersecurity employees who know how to prevent and manage cyber threats. Small to medium-sized businesses are increasingly turning to Managed Security Service Providers (MSSPs) for help.
Staminus, a global hosting and Web security firm, suffered a major blow late last week when it became the victim of a security breach. Staminus is a hosting provider and provider of cloud-based DDoS mitigation services.
Xbox Live is again making headlines, but not in a good way. Earlier this week the company suffered various service outages that kept thousands of Xbox gamers at bay. The rumor—unconfirmed by Xbox Live—is that the outages may have been caused by a series of distributed denial of service (DDoS) attacks. Regardless of whether this incident was caused by a DDoS attack, it is well-known that DDoS hackers love to wreak havoc with online gaming companies.
The “2016 Cost of Data Center Outages Report,” published recently by Emerson Network Power in conjunction with the Ponemon Institute, states that unplanned data center outages cost companies nearly $9,000 per minute, and the second most common cause of outages was cybercrime, specifically Distributed Denial of Service (DDoS) attacks.
Whether motivated by greed, cheap thrills or politics, DDoS hackers wreak havoc on websites. The best protection is prevention: defensive solutions that can detect and stop DDoS hackers in their tracks before they do any damage.
Corero is pleased to note that one of our customers, InMotion Hosting, has won PC Mag’s Editor’s Choice Award for The Best Web Hosting Services for 2016. One of the key factors for the win was uptime, which is increasingly recognized as the most important feature that hosting providers must offer to website customers. After all, if a customer’s website goes down, it’s difficult, if not impossible, for that customer to conduct business.