Category Archives: DDoS Vendors

DDoS Attacks Could Disrupt Brexit Negotiations

IT security professionals are bracing for DDoS attacks of unprecedented frequency in the year ahead, and are already preparing for attacks that could disrupt the UK’s Brexit negotiations and cause outages worldwide. That’s according to a survey from Corero Network Security, which found that more than half (57%) of respondents believe that the Brexit negotiations will be affected by DDoS attacks, with hackers using DDoS to disrupt the negotiations themselves, or using the attacks merely as camouflage while they seek to steal confidential documents or data. The latter “hidden attack” scenario is on the radar of many, and it generally involves the use of smaller, low-volume DDoS attacks of less than 30 minutes in duration. As Corero found in its research, these Trojan-horse campaigns typically go un-mitigated by most legacy solutions, and are frequently used by hackers as a distraction mechanism for additional efforts, like data exfiltration. About 63% of respondents are worried about these hidden effects of these attacks on their networks— particularly with the GDPR deadline fast-approaching, where organizations could be fined up to 4% of global turnover in the event of a data breach. At the same time, worryingly, less than a third (30%) of IT security teams have enough visibility into their networks to mitigate attacks of less than 30 minutes. Meanwhile, many in the industry expect to see a significant escalation of DDoS attacks during the year ahead, with some (38%) predicting that there could even be worldwide Internet outages during 2017. As for who’s behind the growing wave of attacks, the perpetrators are generally financially motivated, IT pros said—despite continued discussions about nation-state attackers or political activism. Security teams believe that criminal extortionists are the most likely group to inflict a DDoS attack against their organizations, with 38% expecting attacks to be financially motivated. By contrast, just 11% believe that hostile nations would be behind a DDoS attack against their organization. This financial motivation explains why almost half of those surveyed (46%) expect to be targeted by a DDoS-related ransom demand over the next 12 months. Worryingly, 62% believe it is likely or possible that their leadership team would pay. “Despite continued advice that victims should not pay a ransom, a worrying number of security professionals seem to believe that their leadership teams would still consider making a payment in the event of an attack,” said Ashley Stephenson, CEO of Corero. “Corporations need to be proactive and invest in their cybersecurity defenses against DDoS and ransomware to protect themselves against such extortion.” The good news is that the vast majority of security teams (70%) are already taking steps to stay ahead of the threats, such as putting business continuity measures in place to allow their organizations to continue operating in the event of worldwide attacks. However, they also agree that some responsibility for DDoS protection lies with the ISPs; and about a quarter of those surveyed (25%) believe their ISP is primarily to blame for not mitigating DDoS attacks. At the end of 2016, the head of Britain’s new National Cyber Security Centre suggested that the UK’s ISPs could restrict the volume of DDoS attacks across their networks by rewriting internet standards around spoofing. Continued discussions on this topic have led nearly three-quarters of respondents (73%) to expect regulatory pressure to be applied against ISPs who are perceived to be not protecting their customers against DDoS threats. “While most in the IT security industry wouldn’t expect their ISP to automatically protect them against DDoS attacks, there is a growing trend to blame upstream providers for not being more proactive when it comes to DDoS defense,” said Stephenson. “To help their cause, ISPs could do more to position themselves as leading the charge against DDoS attacks, both in terms of protecting their own networks, and by offering more comprehensive solutions to their customers as a paid-for, managed service.” Source: https://www.infosecurity-magazine.com/news/ddos-attacks-could-disrupt-brexit/

Read the original:
DDoS Attacks Could Disrupt Brexit Negotiations

So, FCC, how about that massive DDoS? Hello? Hello…? You still there?

Like trying to get blood out of a stone Updated   America’s broadband watchdog, the FCC, has declined to spare any more details on the cyber-assault that supposedly downed its website shortly after it announced its intent to kill net neutrality.…

More:
So, FCC, how about that massive DDoS? Hello? Hello…? You still there?

Organizations Must Adapt to Evolving DDoS Attacks

Distributed Denial-of-Service (DDoS) attacks are becoming larger, more frequent, and more complex than ever before. According to Arbor Networks’ 12 th Annual Worldwide Infrastructure Security Report (WISR), attack size has grown 7,900% since its initial report – a compound annual growth rate (CAGR) of 44%. The most recent attacks are significantly larger than anything previously seen, and can now disrupt even the largest internet service providers. This data shows that DDoS attacks have become more than just a nuisance: they are rapidly increasing in size and now threaten to disrupt core Internet infrastructure. Within the broader spectrum of risks for corporate security and IT decision makers, DDoS attacks present a nettlesome and growing challenge for several reasons. First, while the underlying technology behind DDoS attacks hasn’t changed much, the number of internet-connected devices in the world that can be compromised has dramatically increased. In addition, the level to which DDoS attacks have become automated and commoditized has also increased. The Mirai-enabled attacks showed off the former; they used an army of internet-connected IoT devices to generate unprecedented levels of traffic. In the past, a connection to the internet required significant hardware and expense. These days, even light bulbs can be connected to a network, which provides a lot more sources for traffic. Second, the amount of skill required to successfully run a DDoS attack has been lowered over the last twenty years. While large attacks such as Mirai take some amount of coordination and planning, in many cases a connection to the right forum and a small amount of money ($50-100) can buy you a short attack that can take down unprotected web services. Why DDoS attacks are hard to prevent The best way to think about the DDoS problem is to imagine a river system, like the Mississippi or Columbia. At the end of those systems, where they meet the ocean, it’s very obvious that there’s a lot of water moving through those rivers: but at the source of all that water — at the little tiny creeks and streams and rivulets where the water first gathers — those sources don’t necessarily look like that much. Volumetric-style DDoS attacks, whereby attackers simply flood a target with more data than their connection can handle, use a similar effect: each network only cares about sending IP packets to the “next hop”, without a holistic view or awareness of what the total, internet-wide traffic picture looks like. So, at the source of a DDoS attack, it can be difficult to differentiate between someone uploading a file and someone perpetrating an attack. What actually matters is whether that one traffic flow joins together with a bunch of other traffic to form a giant river, or if the traffic flow is bounced off a server in such a way that it magnifies the size of the traffic many-fold. In either case, by the time you notice that you’ve got a really huge river of traffic coming at you, it may already be too late. Emerging approaches to combat DDoS attacks A promising approach to DDoS can be found with the DDoS Defense for a Community of Peers (3DCoP) project, which uses peer-to-peer collaboration so that like-minded organizations (such as a group of universities, government agencies, banks, or ISPs) act together to rapidly and effectively detect and mitigate DDoS attacks. With a peer-to-peer collaborative approach, the target of a DDoS attack can send out distress calls to the origin of any traffic it sees. The receivers of these distress calls can then take a look at the traffic they’re seeing, and either pass that message on appropriately or take local action. Universities, for example, might learn that what looks like normal traffic coming out from one of their student labs looks like a big attack to a target, and use this information to shut off or rate-limit that lab. Other approaches involve technologies like BGP FlowSpec, an improvement over conventional IP blacklisting. FlowSpec allows a victim of a DDoS to ask its upstream service providers and intermediate networks to block specific kinds of traffic, with a good level of granularity. Organizations can also relocate services into the cloud, as some cloud operators deploy sensors that can detect and mitigate attacks earlier. Unfortunately, today’s largest attacks are too large for cloud operators to handle, and the attacks may impact geographic regions or critical internet infrastructure. In the end, there are a variety of methods to filter and redirect traffic, especially for those systems housed in the cloud. However, for the biggest attacks, and for institutions that cannot create replicated versions of their systems in the cloud, techniques such as 3DCoP are key in mitigating DDoS risk. Specifically, we believe that it is only through rapid, real-time collaboration that DDoS attacks can be correctly identified, sourced, and addressed; without such collaboration, institutions must rely on phone calls and manual router updates, while a river crashes down around them. Source: https://www.infosecurity-magazine.com/opinions/organizations-adapt-evolving-ddos/

Continue Reading:
Organizations Must Adapt to Evolving DDoS Attacks

Two Iranians Charged With Hacking US Defense Contractor

The US Department of Justice (DOJ) unsealed an indictment on Monday against two Iranian nationals accused of hacking a US company and stealing software used in ammunition design. The two suspects are Mohammed Reza Rezakhah, 39 and Mohammed Saeed Ajily, 35, both Iranian businessmen. According to the indictment, Ajily ran a company named Andisheh VesaJ Middle East Company, which he used as a front to obtain and sell software in contravention of Western sanctions against Iran. Ajily’s customers included Iranian private companies, but also Iranian military and government entities. Rezakhah ran his own company called Dongle Labs, which provided DRM and license cracking services. Rezakhah was one of the many hackers Ajily hired to steal software from Western companies. The two orchestrated the 2012 hack of Arrow Tech DOJ officials claim that in 2012, Ajily hired Rezakhah to hack and steal software from a US company called Arrow Tech. The indictment says that Rezakhah, together with another accomplice named Nima Golestaneh, rented a server that they used on October 22, 2016, to hack into the Arrow Tech website and adjacent network. Officials say the two hackers stole a software application named Projectile Rocket Ordnance Design and Analysis System (PRODAS), created by Arrow Tech to aid in the design of bullets, missiles, and other military projectiles. Rezakhah cracked the program, which he later supplied to Ajily to market in the Iranian market, but also elsewhere outside the US. Group worked together for at least six years While officials brought charges only for hacking Arrow Tech, the indictment also claims that Ajily and Rezakhah worked together for years, between 2007 and 2013, hacking several targets and stealing software. The FBI also claims that Ajily had many other partners and hackers that he used to obtain his software, along with a network of companies that he used to sell the stolen goods. US officials charged the two suspects with criminal conspiracy relating to computer fraud and abuse, unauthorized access to, and theft of information from, computers, wire fraud, exporting a defense article without a license, and violating sanctions against Iran. A US judge has issued a warrant in their names. Their partner, Nima Golestaneh pleaded guilty to hacking Arrow Tech back in December 2015. In March 2016, the US also charged seven Iranian nationals on accusations of launching repeated DDoS attacks and orchestrating hacks of industrial SCADA equipment on the behest of the Iranian government. Source: https://www.bleepingcomputer.com/news/security/two-iranians-charged-with-hacking-us-defense-contractor/

Read the original:
Two Iranians Charged With Hacking US Defense Contractor

Can Cloud Storage save you from Ransomware Attacks?

Step by step, our personal and work lives are being transferred online and instantaneous connections, real-time cooperation, and free flowing information come at a price. Yes, cybercrime is hardly something new but the recent rise in global ransomware attacks are putting the question of online security into the spotlight and under scrutiny. The hackers are getting more and more inventive, and it’s becoming harder for the individual as well as companies to protect themselves. What can be done? Can cloud storage save us from ransomware? Cloud Storage vs. Ransomware Cloud created a revolution in data storage. It’s cost-effective, easy to access and typically very well guarded. The convenience is reflected in its widespread use. A report by RightScale found that 82% of companies were already using multi-cloud storage strategies. According to a report by Intuit, 78% of small businesses will fully rely on cloud services by 2020. This mass migration of business of all sizes to cloud space rendered it an extremely attractive target. Sadly, the NotPetya ransomware made it clear that ransomware has gone beyond local and physical storage, and can hit everywhere. Although being publicized as on one of the safest storage options, the cloud is not an exception to the threat. Let’s Be Realistic The best way to stay protected is to be realistic and keep informed about the capacity and power of the services on which you are relying. As such, cloud storage is not a magical bulletproof solution that will graciously save you from the ransomware. To be able to withstand ransomware and other types of attacks, cloud and collaboration services need to start implementing or strengthening solutions that allow for real-time visibility, greater control, data loss prevention, and so forth. If hackers are getting more creative, the levels of security need to follow and surpass them. How to Leverage Cloud Storage Despite the cold splash of reality, not all is lost. Cloud storage can be a valuable partner in crime or – better said – your partner in preventing crime. Scalability – Regardless of shortcomings, cloud services are still best equipped to act as a failsafe and protect you from ransomware today and in the future. Being flexible and scalable in essence, cloud services enable us to keep up with the changes and developments in the malware landscape. In other words, while the nature of the attack is unlikely to change, the delivery method will and cloud services have the agility to adjust aptly. Security Layers – In most cases, the layers of security over cloud are considerably better than of any other private server. Typically, clouds are a sophisticated combination of elaborate access controls and encrypted technology with the capacity to expand. Plus, many of them provide protection against DDoS attacks which makes them all the more useful. Backups – Due to reliability and resiliency, backing up your data with a cloud storage is far more efficient. When stored on local storage, frequent backups consume a lot of storage resources and negatively affect computer performance. With the cloud, backups of your information, data and documents can be frequent, and the streamlined failover process provides you with the comfortable safety of backup recovery. A recommended approach is to rely on several clouds simultaneously which provides a much more expansive protections without excessively high costs or unbearable complexity. How do you know cloud is worth your time? According to MarketsAndMarkets, the cloud security market will be valued at impressive $8.71 billion by 2019, so companies are ready to invest more and more to improve and strengthen the safety of the cloud environments from malicious attacks. Cloud storage, although not the ultimate weapon against ransomware attacks, is by far one of the most efficient ways to protect your information without excessive spending or applying overly complicated scenarios. It’s also most likely to scale and thus continue withstanding cybercrime in the future. Nonetheless, it is crucial you select your cloud service carefully as not all are equal. Source: http://www.dos-protection.co.uk/wp-admin/post-new.php

View the original here:
Can Cloud Storage save you from Ransomware Attacks?

Cloud is adding to network complexity, report says

A third of respondents indicated that the cloud adds the greatest network complexity to their organisation. Cloud adoption is still the ‘most vexing factor’ in increased network complexity, according to a new report by Kentik. The report, based on a poll of 203 IT professionals attending the Cisco Live 2017 annual conference, says cloud adoption is followed by IoT, SDN, and networks functions virtualisation (NFV). It also says that most organisations still aren’t ready for network automation, even though machine learning is seen as ‘important technology for network management’. More than a third (36 per cent) of respondents said cloud adds the greatest network complexity to their organisations. They can still improve operational visibility for cloud and digital business networking, it was added. According to the report, organisations need to be able to spot DDoS attacks better. A third (32 per cent) said they’re using DDoS detection technology. The majority of organisations (70 per cent) says using the same stack of tools to manage both network performance and security hinders operational efficiency. More than half (59 per cent), however, added that their organisation is not yet using the same stack of tools. “There is a lot of noise in our industry right now about intuitive systems and new-age machine learning that can monitor, identify and react to network conditions before issues occur. However, dozens of our largest customers have been telling us, and our survey results from Cisco Live support, that the key 2016 and 2017 enterprise efforts have focused on getting complete visibility into increasingly hybrid network complexity; detecting and preventing DDoS; and integrating tools that can provide operational and business value from network analytics,” said Avi Freedman, co-founder and CEO of Kentik. “Full automation outside of constrained data centre and cloud topologies is still a vision that customers are tracking, but network operators say that they need deeper and comprehensive visibility into their network’s performance and security before they can let their networks run autonomously.” “Real-time network traffic intelligence is a critical component for network operators supporting their organizations with digital transformation,” he added. Source: http://www.dos-mitigation.com/wp-admin/post-new.php

Visit site:
Cloud is adding to network complexity, report says

The Five Biggest Security Concerns After Petya And WannaCry

With many organisations still reeling in the aftermath of the Petya and WannaCry ransomware attacks, it’s not only sensible, but crucial, that they analyse what other dangers they face in the digital age. When TalkTalk was hacked in 2015, the company lost up to £60m and approximately 101,000 customers, and the damage to the organisation’s reputation was huge. CIOs must avoid this fate, by proactively looking at today’s big security concerns in order to protect their company tomorrow. Security vectors evolve rapidly because the malicious parties responsible are constantly innovating. Many cybercrime operations have organisational charts similar to legitimate businesses and use best practices for management, marketing, pricing and operations etc. To combat this cybercrime wave, companies are ploughing money into efforts to protect themselves. So much so that IDC expects spending on security technology to reach $81.7bn in 2017.  In light of this, what are the biggest security concerns organisations face today?     1.  Data Obfuscation and Ransomware Firstly, ransomware, as illustrated by the Petya, WannaCry and CryptoLocker attacks, are set to continue. These attacks affect the real-time information that underpins business transactions creating chaos in the process. Unfortunately, intelligence agencies believe that this is not only a real and present danger, but also an inevitability. As such, it’s crucial that companies not only encrypt their sensitive information, but also regularly back up this data to hard drives that aren’t connected to the wider network. Leaking Intellectual Property As we have already witnessed, with the threat of release of the latest Disney movie or the theft of the NetFlix series, ‘ Orange is the New Black’ , one new form of cyberattack concerns the unauthorised release of Intellectual Property (IP). Many companies across the globe still do not have systems secured adequately and regularly fail to patch against known vulnerabilities. This is the equivalent of leaving the keys in front door and all your valuables stacked neatly in the hallway. It is vital that companies have full visibility across their technology portfolio and regularly update their security software and patches. The Internet of Things (IoT) Intel estimates that by 2020, the number of devices connected to the Internet of Things   (IoT) will increase from 15 billion to 200 billion. This includes everything from pacemakers to refrigerators to connected cars to our clothing. The platforms these devices are built on often have little or no security. Most operate a self-regulation model; and as a result they are very vulnerable to hacking. This was evidenced during the 2016 Dyn attack, which consisted of multiple distributed denial-of-service (DDoS) attacks using a network of hacked internet connected devices. Companies must carefully review the security of devices before connecting them to the network, as they often serve as vulnerable gateways for hackers to exploit. Artificial Intelligence and Machine Learning Artificial Intelligence (AI) and machine learning are increasingly being used to combat cyber threats. However, access to such tools and platforms is still expensive and beyond the reach of many organisations. This is both a blessing and a curse as when the cost of these technologies falls, hackers will invest in these solutions to further their own criminal exploits. As a result, attacks will be automated and have the ability to morph and change on their own, to continue to spread and create widespread destruction in short periods of time. In comparison, the spread of WannaCry will look like the work of children. These exploits will be more lethal, faster and much more dangerous. This means that not only will companies need to invest in new security technologies as soon as they become available and affordable, but must ensure they follow all best practices religiously – such as encrypting and backing up sensitive data. Quantum Computing  This may be the single biggest threat to cybersecurity that no one is paying attention to. Using quantum computers, which can compute vast quantities of information and massively accelerate computing processes, criminals could crack virtually any encryption mechanism currently used for our most sensitive online tasks – such as online banking and sharing electronic health records. While this threat might yet seem unrealistic, technology is advancing at a rapid rate and this may well become a future factor. While ransomware attacks have grabbed the headlines due to the widespread ramifications of Petya and WannaCry, there are other cyber-threats that organisations need to be concerned about. However, they needn’t lose too much sleep as long as they are following security best practices – such as encrypting data, backing up all sensitive information, and automating the renewal of security patches and licenses – which can mitigate vulnerability to an attack. Source: http://www.informationsecuritybuzz.com/articles/five-biggest-security-concerns-petya-wannacry/

Read this article:
The Five Biggest Security Concerns After Petya And WannaCry

5 Ways To Profit From The $24 Trillion Cyber War

Business is under attack to the point of all out cyber war, and there is nowhere more lucrative right now than cyberspace, where a $200-billion-plus market is ripe for investors looking to turn profits that make the pre-bubble dot.com era look like chump change. There are plenty of catalysts, thanks to hackers who most recently managed to hijack the systems of one of the biggest shipping companies in the world, one of the biggest pharmaceutical companies in the world and thousands of others—forcing them to pay ransom in bitcoins to get their data back. There will be no slowdown in cyber-attacks. On the contrary, by 2019, IDC research estimates that 70 percent of major multinational corporations will “face significant cybersecurity attacks aimed at disrupting the distribution of commodities.” Cybersecurity stocks were soaring already—especially since hackers in May managed to take control of tens of thousands of computers. But the late June perfection of cyber kidnapping for ransom has caused stocks to spike by 4 percent or more. According to giant Cisco, there was a 172 percent jump in DDoS (distributed denial-of-service) attacks in 2016, and we’ll be looking at a near tripling of that by 2021. Just in the first quarter of this year there was a reported 380 percent increase in DDoS attacks, according to Nexusguard. Data breaches cost businesses $5.85 million EACH in 2014. This year, that bill will be in the neighborhood of $7.35 million. In total, last year, cybercrime cost the global economy over $450 billion. The cyber-attack on global business in May this year alone could end up costing $4 billion. So, giant multinational corporations are willing to pay a lot for better cybersecurity—and cyber insurance. Global spending on cybersecurity will hit $1 trillion over the next five years, and cybercrime damages will exceed $24 trillion over the same period, according to the Steven Morgan Cybersecurity Industry Outlook: 2017 to 2021. And this is where the big profits are available for the taking. For the foreseeable future, nothing is more lucrative than data security. Here are our top 5 picks as cybersecurity becomes THE most critical industry of our time: #1 FireEye, Inc. (NASDAQ:FEYE) This is one of the most impressive cybersecurity barnstormers out there. It only went public in September 2013, and by December that same year it was spending $1 billion on a major acquisition, Mandiant, which was one of the top data breach and response companies in the space. This is now a massive and fast-growing company of highly sought-after cyber experts and products, all rolled into a cloud-based platform that is a favorite among key Fortune 500 companies, not to mention Global 2000 companies. There was a very aggressive acquisition spree here—and last year the company moved into the black. FireEye peaked in mid-2015 at $55 a share, and then slid to under $11 in mid-March this year. But since then, it’s gained 42 percent and the trajectory looks fantastic, especially in the current cyber warfare climate. #2 Identillect Technologies Corp. ( TSXV:ID ; IDTLF:US ) This is a little-known company sitting in pole position in a $64-billion market that is up for grabs. It’s come up with a two-minute email security solution that could revolutionize encryption, and could corner the lion’s share of the profits in this segment. Half of all email is unencrypted—and it’s at the mercy of pretty much anyone with decent hacking skills. Existing encryption programs are expensive and can take a month to install, but this company is breaking onto the scene with a simple, 2-minute email install solution. It works with Outlook, Office 365, Hotmail, Gmail…PLUS a phone “app” that works on iPhone, Android, Windows and more. There are only 250 professional cryptographers in the U.S… and two of them work at Identillect – a major selling point for this company coming right out of the gates. Customers are lining up because it’s the first solution to a long-time problem that’s now reaching a climax, with companies being fined for NOT encrypting email. They’re already paying an average of $7 million for every data breach. This company is on its way to Silicon Valley, and its patent on the first easy solution to a massive problem is likely to get it a lot of attention in the form of M&A rumblings that dot this cybersecurity landscape. Even more so right now. Since it went commercial in the first quarter of 2015, subscribers have grown over 663 percent, and 19 out of 20 of them stay. They’re compounding monthly, and the breakeven point is almost there. That’s why we’re looking at a 70 percent profit margin in this one. With 5 million Yahoo accounts breached in just one of many huge-scale incidents, encryption is the Holy Grail of our day, and this company has figured out how to make it cheap and easy. #3 Palo Alto Networks  (NYSE:PANW) For expansion, this $12.7-billion market-cap company is a top pick with its sales of next-generation firewall solutions. It covers 150 countries and it protects data infrastructure of at least 85 Fortune 100 companies and—even better—more than half of the Global 2000. That’s some major market share at a time when there is nothing short of corporate panic over data infrastructure protection. It even beat its own outlook. We’re looking at mind-blowing record earnings ($431.8 million in fiscal Q3). This is the clear advantage in the cybersecurity space right now—and it’s all about continual, relentless expansion. #4 Intel Corporation (NASDAQ:INTC) Nothing dominates the semiconductor industry like INTC. We’re looking at over seven divisions here, but the Client Computing Group (CCG) and the Data Center Group (DCG) are the big ones in terms of financial performance, accounting for 87 percent of the company’s total sales last year. INTC dominates the PC market and the server microprocessor market, and its PC chip market share can be as high as an unbelievable 99 percent. Still, some might say this pick is the counter-intuitive one, but…not really. INTC stock has taken a major beating, but with this sector on fire like no other, this is your way in with the giants in this field. INTC had an official correction this year and April earnings caused Wall Street to beat it down. But INTC is still 10 percent higher than last year, regardless. It’s cheaper than its competitors right now, so this may be a buying opportunity. What investors are afraid of, though, is one competitor in particular…our next pick… #5 Advanced Micro Devices, Inc.   (NASDAQ: AMD ) This stock has seen some unbelievable performance over the past year, and that’s why INTC investors are shying away. But while AMD has been impressing beyond belief, we list it as #5 because it’s largely thanks to enthusiasm and future expectations—so there may be a pullback soon. This is the time to keep a close eye on AMD, but also to be very careful about watching whether the company is now going to actually achieve its goals—because the expectations are quite high and now much more is at stake. It’s the right industry to be doing this in, certainly… While AMD had a truly dynamic growth spurt that began in March last year, since February this year, it hasn’t reached any new highs, and the launch of its Ryzen line of products wasn’t embraced by the market with as much excitement as expected. Now things are getting a bit more volatile, which is why INTC might be a better pick right now. Honorable Mentions in the Cybersecurity Space BlackBerry Ltd. (TSE:BB): Forget about the BlackBerry as something you hold—an electronic gadget. This company is back better than ever with software for industrial customers, including security software and services to stop hackers. Quarterly earnings at the end of March were impressive, and April news of a $1-billion cash win from arbitration with Qualcomm can fund more growth. This is the NEW BlackBerry. Absolute Software Corporation (ABT.TO): Absolute Software Corp provides endpoint security and data risk management solutions for commercial, healthcare, education and government customers, tablets and smartphones. Absolute has seen a strong 21% stock growth year to date and is expected to see strong growth as the cyber security market grows at a rampant pace. Avigilon (TSX.AVO): Avigilon develops, manufactures, markets and sells HD and megapixel network-based video surveillance systems, video analytics and access to control equipment. We expect strong continuous growth in the video analytics business and a company such as Avigilon is well positioned to capture market share in the Canadian markets. Sandvine Corporation (TSE:SVC): Ontario is seeing some a vibrant cybersecurity as well, Sandvine corp. is engaged in the development and marketing of network policy control situations for high-speed fixed and mobile Internet service providers. Products include Business Intelligence, Revenue Generation, Traffic Optimization and Network Security. The company has grown 52% year-to-date and we expect strong growth throughout 2017. Pivot Technology Solutions Inc. (TSX:PTG): Pivot focuses on the strategy to acquire and integrate technology solution providers, primarily in North America. It sells and supports integrated computer hardware, software and networking products for business database, network and network security systems. Pivot has seen explosive growth so far this year and we expect the current cyber threats to add to the already strong sentiment in cyber security stocks. Source: http://www.baystreet.ca/articles/stockstowatch.aspx?articleid=31275

More:
5 Ways To Profit From The $24 Trillion Cyber War

Short, low-volume DDoS attacks pose greatest security and availability threat to businesses

How can your organisation defend against constant DDoS attacks? Think what you can’t see can’t hurt you? A new report from Corero Network Security has shown that, when it comes to DDoS attacks, this is definitely not the case. The report suggests that the barrage of short, low volume DDoS attacks – which often go undetected by IT security staff and many DDoS protection systems – are in fact, the greatest DDoS risk for organisations, because they frequently go undetected and often mask more serious network intrusions. According to the DDoS Trends and Analysis Report, these short, stealth DDoS attacks are often used to disrupt and distract network operators. Typically less than 10Gbps in volume and less than 10 minutes in duration, these sub-saturating attacks are capable of knocking a firewall or intrusion prevention system (IPS) offline so that hackers can target, map and infiltrate a network to install malware and engage data exfiltration activity. These hidden motives have led Corero to describe this type of attack as “Trojan Horse” DDoS. Stephanie Weagle, VP at Corero Network Security discusses the key findings from the report below, and what the increased frequency and sophistication of DDoS attacks means for organisations trying to defend against today’s evolving cyber threat landscape. What were the findings from your latest DDoS Trends report? “The research shows that short, frequent, low-volume DDoS attacks continue to be the norm. Despite several headline-dominating, high-volume DDoS attacks over the past year, the majority (80%) of the DDoS attack attempts against Corero customers during Q1 2017 were less than 1Gbps per second in volume. In addition, almost three quarters (71%) of the attacks mitigated by Corero lasted 10 minutes or less. In total, Corero customers experienced an average of 124 DDoS attack attempts per month, equivalent to 4.1 attacks per day during Q1 of 2017. This is a 9 percent increase in attacks over Q4 2016.” Since last year’s attacks on Krebs on Security and Dyn, have we entered a quiet phase in terms of DDoS attacks? “As the research shows, DDoS attacks are by no means slowing down. The DDoS incidents that are experienced on a daily basis are the short, low volume attacks—just because these attacks aren’t making the evening news, does not mean that they don’t occur. “ Why are these short, sub-saturating denial-of-service attacks so dangerous? “The Internet of Things (IoT) introduced a host of opportunities for DDoS hackers as these devices hold the potential for extremely large botnets. Corero has identified a 55% increase in large DDoS attacks of more than 10Gb per second, in the first quarter of 2017, compared to the previous quarter. However, low-volume, short duration DDoS attacks can also be dangerous. Our report discovered that 73% of attacks in Q4 2016 and 71% of Q1 2017 lasted 10 minutes or less. These attacks can be a smokescreen, designed not to outright deny service but to distract from an alternative motive, usually data theft and network infiltration. This allows hackers to perfect their attack techniques while remaining under the radar. In addition to service outages, latency and downtime, short attacks allow cyber criminals to test for vulnerabilities within a network.” Why would hackers choose to inflict these short attacks, rather than to cause large-scale outages? “These smaller, shorter attacks typically evade detection by most legacy and homegrown DDoS mitigation tools, which are generally configured with detection thresholds that ignore this level of activity. This allows hackers to perfect their attack techniques while remaining under the radar, leaving security teams blindsided by subsequent attacks.” Can you give any examples of these kind of attacks inflicting serious damage? “Luckily for Corero customers, dealing with the repercussions of DDoS is a non-issue. Attacks are mitigated instantaneously, and good user traffic continues to flow and reach its destination as intended. Outside of the Corero customer base, some widely publicized attacks that led to data breach activity include TalkTalk and Carphone Warehouse.” Which are the sectors or organisations that are most at risk of attacks? “The reality is that any business that relies on the Internet to conduct business is at risk of a DDoS attack. But service providers in particular will find themselves at an important crossroads in the near future, as pressure builds from both customers’ and governments’ sides regarding their responsibilities when it comes to protecting their customers. That said, ISP’s and hosting providers can take advantage of the DDoS opportunity to not only protect existing infrastructure and assets, but also roll out profitable and effective DDoS protection services.” Do these kinds of attacks represent an additional risk for organisations preparing for GDPR? “GDPR is the hot buzz word heard around the cyber security industry lately. The risk of data theft resulting from sub-saturating DDoS attacks is extremely serious, and claiming to be ignorant of malicious activity on your network will not substitute a defence. To keep up with the growing sophistication and organization of well-equipped and well-funded threat actors, it’s essential that organizations maintain a comprehensive visibility across their networks to detect and block any potential DDoS incursions as they arise.” How can businesses best defend themselves against the latest DDoS attacks? “The combination of the size, frequency and duration of modern attacks represent a serious security and availability challenge for victims. Minutes or even tens of minutes of downtime or latency significantly impacts brand reputation and, ultimately, revenue generation. When you combine the size, frequency and duration of attacks, and the low volume sub-saturating nature of the threats; victims are faced with a significant security and availability challenge. “Today’s DDoS attacks are almost unrecognizable from the early days of attacks, when most were simple, volumetric attacks intended to cause embarrassment and brief disruption. Nowadays, the motives behind attacks are increasingly unclear and the techniques are becoming ever-more complex. This is particularly true in light of automated attacks, which allow attackers to switch attack vectors faster than any human can respond. “To keep up with the growing sophistication and organization of well-equipped and well-funded threat actors, it’s essential that organizations maintain a comprehensive visibility across their networks to detect and block any potential DDoS incursions as they arise. Automated, real-time mitigation techniques must be in place to eliminate the repercussions of the full spectrum of today’s DDoS attacks.” Source: http://www.itproportal.com/features/short-low-volume-ddos-attacks-pose-greatest-security-and-availability-threat-to-businesses/

Visit site:
Short, low-volume DDoS attacks pose greatest security and availability threat to businesses

Are massive cyberattacks the new normal?

When domain name system services supplier Dyn got hit with a distributed denial of service (DDoS) attack last October, waves of traffic overwhelmed the company’s network and disrupted access to the internet for large swathes of the United States and Europe. The Dyn perpetrators had successfully orchestrated one of the biggest-ever DDoS attacks, powered by a botnet of Internet of Things devices. Whoever was responsible for the Dyn attack showed how easy it was to deploy the Mirai source code, which is publicly available and easy to obtain. Many botnets have since incorporated the code, raising concerns that even worse is yet to come. The Mirai botnet also serves as the basis of an ongoing DDoS-for-hire service. With the number of IoT devices in business now in the billions, the specter of crippling attacks targeting IoT installations found in industrial control systems or critical national infrastructure becomes a possibility. The security world got another reminder of the growing magnitude of the threat when attackers carried out the biggest ransomware attack in history in May, infecting computers operated by more than 200,000 people in 150 countries with the so-called WannaCry virus. Size doesn’t matter The proliferation of these more powerful tools and technologies used to launch cyberattacks means that anyone can get access to a cyberweapon and potentially wreak wide-scale havoc. The irony is that many organizations still fail to enforce basic measures that would otherwise protect themselves from attack. Too many remain unprepared and fail to take simple steps, such as patching software on a routine basis. In theory, attacks like WannaCry should be preventable. Indeed, there was no shortage of warnings that organizations were leaving themselves vulnerable by failing to update aging computer operating systems with the latest software patches. It’s up to IT to be on top of updates for patches issued for any open source software used by the organization, particularly when it comes to their IoT deployments. They also need to be mindful of the lack of security in the IoT ecosystem. According to an AT&T Cybersecurity Insights report, the world of IoT has become a digital Petri dish for hackers and other cybercriminals eager to probe for weak spots. Other IoT must-do’s: Many devices get shipped from the manufacturer preconfigured with usernames and passwords that hackers can locate using search engines. Change them immediately. As DDoS attacks grow ever larger, there’s obvious incentive to take measures that will block as many potential threats as possible at the edge of your network. Along with identifying your vulnerabilities, make sure there are multiple layers of security in place and configure your applications to make them better resistant to exploitation. Make sure there’s a good firewall in place along with rules to drop junk packets or reject unnecessary external protocols. An ISP can help by stopping unnecessary traffic upstream. Also, run constant network scans of the corporate network to locate any security holes before the bad guys find them first. A fail-safe defense may not exist but you can mitigate a threat that, unfortunately, is becoming the new normal in the security world. Source: http://www.csoonline.com/article/3200769/data-breach/are-massive-cyberattacks-the-new-normal.html

Link:
Are massive cyberattacks the new normal?