DDoS DDoS Attack Specialist DDoS Attacks DDoS Defense DDoS Protection Specialist Stop Hackers
74 Percent of Companies that Suffer a Data Breach Don’t Know How It Happened
February 17, 2017
0

And just two thirds of IT pros say their current IT security budget is sufficient, a recent survey found.

According to the results of a recent survey [PDF] of 250 IT professionals, 34 percent of companies in the U.S. were breached in the past year, and 74 percent of the victims don’t know how it happened.

The survey, conducted by iSense Solutions for Bitdefender, also found that two thirds of companies would pay an average of $124,000 to avoid public shaming after a breach, while 14 percent would pay more than $500,000.

One third of CIOs say their job has become more important in their company’s hierarchy, and another third say their job has been completely transformed in the past few years.

And while nine in 10 IT decision makers see IT security as a top priority for their companies, only two thirds say their IT security budget is suifficient — the remainder say they would need an increase of 34 percent on average to deliver efficient security policies.

 Cloud security spending increased in the past year at 48 percent of companies, while the budget for other security activities remained the same.

On average, respondents say only 64 percent of cyber attacks can be stopped, detected or prevented with their current resources.

Separately, a survey of 403 IT security professionals in the U.S., U.K., Canada and Europe found that only three percent of organizations have the technology in place and only 10 percent have the skills in place to address today’s leading attack types.

The survey, conducted by Dimensional Research and sponsored by Tripwire, also found that just 44 percent of organizations have the skills, and 43 percent have the technology, to address ransomware attacks effectively.

“Most organizations can reasonably handle one or two key threats, but the reality is they need to be able to defend against them all,” Tripwire senior director of IT security and risk strategy Tim Erlin said in a statement. “As part of the study, we asked respondents which attack types have the potential to do the greatest amount of damage to their organization. While ransomware was cited as the top threat, all organizations were extremely concerned about phishing, insider threats, vulnerability exploitation and DDoS attacks.”

Respondents felt most confident in their skills to handle phishing (68 percent) and DDoS attacks (60 percent), but less confident in their abilities to deal with insider threats (48 percent) and vulnerability exploitations (45 percent).

Similarly, respondents felt more confident in the technology they have in place to address phishing (56 percent) and DDoS attacks (63 percent), but less confident in the technology to address insider threats (41 percent) and vulnerabilities (40 percent).

A separate survey of 5,000 U.S. consumers by Kaspersky Lab and HackerOne found that 22 percent of respondents are more likely to make a purchase if they know a company hired hackers to help boost security.

Knowing what they do about their own company’s cyber security practices, just 36 percent of respondents said they would choose to be a customer of their own employer.

Almost two in five U.S. adults don’t expect companies to pay a ransom if hit by ransomware.

When asked what types of data they would expect a company to pay a ransom for, 43 percent expect companies to do so for employee Social Security numbers, followed by customer banking details (40 percent) and employee banking details (39 percent).

Source: http://www.esecurityplanet.com/network-security/74-percent-of-companies-that-suffer-a-data-breach-dont-know-how-it-happened.html

DDoS DDoS Attacks DDoS Defense Denial of Service Attack Stop DDoS Stop Hackers
Blame the US, not China, for the recent surge in massive cyberattacks
February 16, 2017
0

The internet’s new scourge is hugely damaging global attacks that harness armies of routers, cameras, and other connected gadgets—the so-called Internet of Things (IoT)—to direct floods of traffic that can take down swaths of the network.

The blame so far has largely fallen on the Chinese manufacturers who churn out devices with shoddy security on the cheap. But all those devices have to be plugged in somewhere for them to used maliciously. And American consumers are increasingly the ones plugging them in.

1

Nearly a quarter of the internet addresses behind these distributed denial-of-service, or DDoS, attacks are located in the United States, newresearch from network services firm Akamai has found. Some 180,000 US IP addresses took part in DDoS attacks in the last quarter of 2016, it found—more than four times as many as addresses originating in China.

Akamai’s findings are particularly notable because the armies of hacked devices that carry out DDoS attacks—such as those controlled by the Mirai malware—don’t bother covering their tracks. That means the IP addresses are far more likely to genuinely correspond to a location within a certain country, the report’s authors write.

The findings also end an era of Chinese dominance in DDoS attacks. Over the previous year, China has accounted for the highest proportion of IP addresses taking part in such attacks globally. Now the US is the clear leader, accounting for 24% of such addresses. The UK and Germany are a distant second and third. (To be clear, though, wherever the attacking devices’ IP addresses are, the person controlling them could be located anywhere.)

2

The huge number of devices taking part in DDoS attacks in the US means regulation there, and in Europe, could stem the flood of damaging traffic. Of course, IoT regulation is a thorny issue—essentially, no US federal agency really wants to take the problem on—and there remain technical questions over how to actually go about blocking the attacks. Still, it’s a lot clearer now that simply pointing the finger at China isn’t enough.

Source: https://qz.com/912419/akamai-akam-report-a-quarter-of-ddos-ip-addresses-are-now-from-the-us/

Block DDoS DDoS DDoS Attack Specialist DDoS Attacks DDoS Defense DDoS Protection Specialist
Majority of DDoS Attacks in October-December 2016 Conducted From Germany, UK, US
February 15, 2017
0

According to reports, United States, the United Kingdom and Germany became the top three source countries for DDoS attacks in October-December 2016.

MOSCOW (Sputnik) – The United States, the United Kingdom and Germany became the top three source countries for DDoS attacks in October-December 2016, an Internet company dubbed Akamai said in report Wednesday, adding that the overall number of attacks in 2016 increased by 4 percent compared to previous year.

“The top three source countries for DDoS attacks were the U.S. (24%), the U.K. (10%), and Germany (7%). In the past year, China dominated the top 10 list of source countries. In Q4 2016, China dropped to the fourth position overall, with 6% of traffic,” the State of the Internet / Security Report said.

Russia became the fifth country in the list, with 4.4 percent of attacks.

“The average number of DDoS attacks remained steady this quarter [October-December 2016] at 30 per target, indicating that after the first attack, an organization has a high likelihood of experiencing another,” the report said.

The study notes that the number of IP addresses, used for DDoS attacks, significantly increased in the last quarter of 2016.

The report also provides data regarding attacks in January- September 2016, with China, the United States, Turkey and the United Kingdom being the top source countries for attacks.

Source: https://sputniknews.com/world/201702151050711562-ddos-atacks-internet/

DDoS DDoS Attack Specialist DDoS Attacks DDoS Defense DDoS Protection Specialist Stop DDoS
University suffers DDoS attack after it’s schooled by own IoT devices
February 14, 2017
0

Infected vending machines and light bulbs teach establishment a lesson.

A PLACE WHERE late stage teenagers go to drink and make arses of themselves has fallen victim to a denial of service (DDoS) attack of, essentially, it’s own making.

Yeah, we are talking about a university. We do not know what university it is, but Verizon’s breach report for 2016 tells us that the mysterious educational establishment, probably in the US, was taken to its knees by a DDoS attack that was brought about by its own bloody Internet of Things (IoT) devices.

It’s kinda like that Mirai thing, but on a much smaller, and more personally embarrassingly scale. We like to imagine that a connected toaster and a connected fridge had a fallout and that everything when bits up.

According to Bleeping Computer, which has had a cheeky look at the Verizon report, it was a bit more pedestrian than that.

“The DDoS attack was caused by an unnamed IoT malware strain that connected to the university’s smart devices, changed their default password, and then launched brute-force attacks to guess the admin credentials of nearby devices,” Verizon says as it explained that something fishy went down.

“Hacked devices would start an abnormally high level of DNS lookups that flooded the university’s DNS server, which in turn resulted in the server dropping many DNS requests, including legitimate student traffic. The university’s IT team said that many of these rogue DNS requests were related to seafood-related domains.”

The university has placed all IoT devices, such as light bulbs and vending machines, on its separate subnet, or perhaps in a bin. The security industry reckons that this is a signal of the kind of unprotected troubles to come. Naturally.

“On the surface this appears to be more of a prank than a sophisticated denial of service attack. However, proving that largescale IoT takeovers are possible should be a wakeup call to those who manage networks rife with unsecure IoT devices,” said Stephen Gates, chief research intelligence analyst at NSFOCUS by way of introduction.

“Municipal, Industrial, Commercial, and now Educational infrastructures are becoming more and more vulnerable, because organisations often carelessly deploy IoT without understanding the ramifications of weak IoT security.

“In this case the damage appears to be limited, and only inconvenienced users on a campus network.  Do the same to a transportation system, a chemical plant, a hospital complex, an E911 system, or an ISP, and the damage could be much, much greater.”

Source: http://www.theinquirer.net/inquirer/news/3004579/university-suffers-ddos-attack-after-its-schooled-by-own-iot-devices#

Block DDoS DDoS DDoS Attack Specialist DDoS Attacks DDoS Defense DDoS Protection Specialist Denial of Service Stop Hackers
What retailers need to know about cybersecurity
February 13, 2017
0

Annual global costs tied to destruction of data, intellectual property theft, lost productivity and fraud are on pace to reach $6 trillion by 2021. Here’s how retailers can avoid becoming a statistic.

Cybercrime is big business — and retailers are squarely in the crosshairs.

Cybercrime — the catch-all term applied to an ever-expanding range of digital assaults from malware to theft of personal data to distributed denial-of-service attacks (DDoS, i.e. coordinated traffic onslaughts on servers, systems or networks designed to make the target difficult or impossible for legitimate users to access) — is rapidly growing more common, more dangerous and more complex. Service interruptions from DDoS attacks alone surged 162% in 2016. Cybercrime is also growing more lucrative: Nearly 90% of all cyberattacks now involve financial or espionage motivations, according to the Verizon 2016 Data Breach Investigations Report. Corresponding annual global costs related to damage and destruction of data, intellectual property theft, lost productivity and fraud are on pace to grow from $3 trillion in 2015 to $6 trillion by 2021.

While the second half of 2016 brought to light three of the largest data breaches ever recorded (two raids on web platform Yahoo that impacted at least 1.5 billion accounts combined; the other affecting about 412 million accounts across social network Adult Friend Finder), retailers in fact experience the most cyberattacks of any industry sector — about three times as many as the previous top target, the financial industry — information and communications technology firm NPD Group reports. The list of victims is long and ignominious, and includes Target, Home Depot, Eddie Bauer and Vera Bradley.

The question isn’t if and when yet another retailer will fall victim in the weeks and months ahead, experts say, but simply where the wheel of misfortune will land next.

“You’ll never be able to put up perimeters and defenses to stop the behavior of malicious attackers. Organizations need to accept the fact that if they’re not breached today, they likely will be breached at some point in the point in the future,” Paul Truitt, vice president of cybersecurity services at managed network solutions firm SageNet, told Retail Dive. “Getting ahead of the criminal and stopping them before they do what they’re going to do is a losing battle. But acting quickly and having the processes in place to respond what it does happen is achievable, and if every organization had that in place, we could significantly shorten the average data breach notification and identification, and also create much less juicy targets for the bad guys.”

Threat assessment

Retailers are like catnip to cybercriminals because of the wealth of customer data stored on their networks. While hijacking credit card account data has long been the primary objective — about 42 million Target shoppers had their credit or debit information stolen when the retailer was breached in late 2013 — thieves are also keen to acquire personal data like names, mailing addresses, phone numbers and email addresses.

“There’s a lot of data around shopping habits and purchasing patterns now being stored by retailers — information they never had before,” Truitt said. “If you’re tying a loyalty program to a mobile payment program, those payment programs are bringing more sensitive data into the retail organization than in the past, and that’s what criminals are looking for.”

The threat isn’t lost on retailers. Fully 100% of retail executives surveyed for the 2016 BDO Retail RiskFactor Report cited data privacy and security breaches as major business risks, up from 55% in 2011 and 26% in 2007. But according to Truitt, relatively few retailers have advanced their cybersecurity efforts beyond implementing the basic safeguards necessary to meet payment card industry (PCI) security standards.

“[Cybersecurity] varies by retailer,” he said. “We still see a lot of retail organizations putting their eggs into the PCI basket. The feeling is that they’ve secured their organizations by meeting PCI compliance requirements, but in reality, the vectors of attack are outside what PCI mandates needs to be done. When you think about security programs focusing only on PCI at best, we’re going to see a lot of data continue to be exposed.”

The media fallout and brand damage associated with past merchant data breaches (not to mention the legal costs and governmental penalties, which can run into the millions) are driving retailer cybersecurity awareness and investment, says Robert Horn, associate director at insurance and risk management solutions provider Crystal & Co.

“Retailers have been forced to increase their cybersecurity because of the breaches we’ve had in the last several years. Your public perception takes a hit, there’s customer churn, and the fines and penalties are increasing,” Horn told Retail Dive. “Cybersecurity is getting much more attention from the C-suite. Before, just the IT director was involved. Now you’ve got legal, you’ve got corporate governance, you’ve got the CFOs and the CEOs wanting to know what’s going on.”

But knowing what’s going on is easier said than done, because cybercrime evolves with mind-boggling speed. What began two decades ago with relatively simple viruses and website attacks hatched by malcontents seeking internet notoriety has rapidly mutated into discrete, laser-targeted and highly sophisticated offensives masterminded by thieves, hackers and extortionists motivated by financial gain.

“There isn’t a single organization that can say they’re 100% secure,” Maarten Van Horenbeeck, vice president of security engineering at content delivery network Fastly, told Retail Dive. “But there are organizations that have the maturity and the smart people to say, ‘We understand what is happening, and we believe we know how to defend against it and how to protect our customer data.’”

Personnel and protection

Understanding what’s happening begins with identifying potential cracks in your armor. Verizon found that most attacks exploit known vulnerabilities that businesses failed to patch, despite software providers making patches available months or even years prior to the breach taking place. In fact, the top 10 known vulnerabilities account for about 85% of all successful exploits each year. Avoiding disaster also depends on recognizing the warning signs and criminal patterns: 95% of breaches and 86% of security incidents fall into nine established exploit patterns.

Building a more secure retail business begins with smart personnel decisions. “The single biggest thing an organization can do today is hire the right people. There are so many technologies out there,” Van Horenbeeck said. “It’s like putting together a puzzle of the correct pieces to make sure you’re defending yourself against attack. You need to hire the right people who understand that puzzle, and who know how to make the organization as safe as possible.”

Perhaps no retail security solution has generated more headlines and discussion than the fall 2015 shift from traditional “swipe-and-signature” credit and debit cards to chip-enabled EMV cards, a move designed in part to better protect consumers from escalating transaction fraud. While EMV (which takes its name from Europay, MasterCard and Visa, the three companies that created its chip-integrated standard) effectively blocks card cloning and other commonplace criminal tactics, its security innovations are limited to transactions where the physical card is present, meaning many cyberthieves are shifting their focus from brick-and-mortar stores to the web.

That means retailers dependent on e-commerce must embrace software solutions including end-to-end software encryption, a method of secure communication that prevents hackers, internet service providers or any other third party from accessing, stealing or damaging cardholder data or other information during its transfer from one system or device to another.

“Organizations that have made investments in EMV but did not invest in end-to-end encryption have a risk misperception,” said SageNet’s Truitt. “They believe they are secure, but they’ve only accomplished authentication of credit cards. They’ve accomplished nothing related to the security of the actual transaction. Many retailers that don’t have security teams internally, or that outsource their security fully and don’t have anyone with that knowledge in-house, has misinformed themselves about what EMV is doing. We’re going to see more organizations put fewer security controls in place and reduce some spend, because they think they have put the right security in place. But they’ve left themselves more exposed than they used to be.”

Beyond the basics, retailers should also consider adopting data loss prevention solutions to help monitor, manage and protect confidential data wherever it’s stored or used, as well as emerging tools like advanced behavioral authentication (methodologies that monitor headquarters and store employees’ attributes and behaviors to prevent imposters from accessing infrastructure and data), data-mining and visualization techniques, and security response automation.

There’s no time to waste. Experts anticipate cybercrime to continue to increase in the months to come, and warn that emerging technologies like the Internet of Things and advances in artificial intelligence present a multitude of new opportunities for attack. Only the strong will survive.

“It’s hard to predict what new threats will come about,” said Horn. “[Security] all comes down to putting resources into cybersecurity teams. A bad breach can put you out of business.”

Source: http://www.retaildive.com/news/what-retailers-need-to-know-about-cybersecurity/435567/