As DDoS attacks continue to rise, Power Admin takes a look at the stats and what can be done to help prevent such attacks damaging your business in 2014
“DDoS attacks should be a top security concern for organizations in the public and private sector in 2014”
“Expect future campaigns to be even more extensive and to last for extended periods. Organizations, particularly those that operate or have interests in industries that are already prime targets, such as financial services and energy, need to ask themselves, ‘Can we be resilient against a DDoS attack?’” - John N. Stewart, senior vice president and chief security officer at Cisco.
Attacks rose by 32.43% in 20132
The volume of attacks increased, with 10 out of the 12 months showing higher volume than the same months in 2012
Mobile apps and devices began to participate in DDoS attacks
Attacks were most likely to originate in Asian countries
Anyone that can rent a botnet can perform a DDoS attack
Smaller scale attacks are on the increase
Read More - http://www.slideshare.net/poweradmin/the-business-case-for-ddos-protection2
References:
http://www.esecurityplanet.com/network-security/5-tips-for-fighting-ddos-attacks.html
http://ddos-protection-services-review.toptenreviews.com/
http://www.cloudflare.com/ddos
http://www.itbusinessedge.com/slideshows/show.aspx?c=96534
The Growing Threat of Application Layer DDoS Attacks
http://www.us-cert.gov/ncas/alerts/TA14-013A
http://en.nsfocus.com/2014/news_0326/166.html
http://www.cisco.com/c/en/us/products/collateral/security/traffic-anomaly-detector-xt-5600a/prod_white_paper0900aecd8011e927.html
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
The Business Case for DDoS Protection
1. As DDoS attacks continue to
rise, Power Admin takes a look at
the stats and what can be done to
help prevent such attacks
damaging your business in 2014
The Business case for DDoS protection
2. John N. Stewart, senior vice president and
chief security officer at Cisco:
“DDoS attacks should be a top security concern for organizations
in the public and private sector in 2014”
“Expect future campaigns to be even more extensive and to last
for extended periods. Organizations, particularly those that
operate or have interests in industries that are already prime
targets, such as financial services and energy, need to ask
themselves, ‘Can we be resilient against a DDoS attack?’”
Cisco 2014 Annual Security Report
3. DDOS LANDSCAPE IN 2013
Attacks rose by 32.43% in 20132
The volume of attacks increased, with 10 out of the 12 months
showing higher volume than the same months in 2012
Mobile apps and devices began to participate in DDoS attacks
Attacks were most likely to originate in Asian countries
Anyone that can rent a botnet can perform a DDoS attack
Smaller scale attacks are on the increase
4. The major reason for committing a
DDoS attack in 2013 was political
Source: NSFocus3
5. Banks are the biggest target, followed by
government and enterprise
Source: NSFocus3
6. 93.2% of attacks last less than 30 minutes and
80.1% don’t surpass a traffic rate of 50Mbps
Source: NSFOCUS
8. Application layer threats are on the rise, with
smaller, more stealthy attacks being carried out more
frequently
Source: The Growing Threat of Application Layer DDoS Attacks – Arbor Networks
9. For large sites, consider further investment into
cloud mitigation services, these generally have:
• Specialist expertise in network
engineering and the latest
techniques employed by attackers
• Lots of bandwidth to help route
traffic for high volume attacks
• Lots of different mitigation
hardware and multiple filtering
layers
Invest in
the cloud
10. The winner in Top Ten Reviews for the best DDoS protection is Incapsula, which provides:
• Distributed network of data centers which cache site data
• Always-on service
• 24/7 support
• Prevents damage from a DDoS attack without the need to alter
hardware, software or website code
11. Even the biggest networks can be affected if targeted by a large scale attack.
Cloudflare’s European network suffered an attack in January 2014 which was the result
of one unnamed customer being targeted. The attack tipped the scales at 400 Gbps
Source: IT News Australia
Matthew Price, Cloudfare chief executive: “Someone's got a
big, new cannon" the attack was the "start of ugly things to
come".
12. CLOUDFLARE SUFFERED A NTP ATTACK:
According to US-CERT:
‘A Network Time Protocol (NTP) Amplification attack is an emerging form of
Distributed Denial of Service (DDoS) that relies on the use of publically
accessible NTP servers to overwhelm a victim system with UDP traffic.’
TO OVERCOME AN ATTACK OF THIS NATURE:
“…upgrade all versions of ntpd that are
publically accessible to at least 4.2.7”