Category Archives: Security Websies

DDoS protection, mitigation and defense: 7 essential tips

Protecting your network from DDoS attacks starts with planning your response. Here, security experts offer their best advice for fighting back.

DDoS attacks are bigger and more ferocious than ever and can strike anyone at any time. With that in mind we’ve assembled some essential advice for protecting against DDoS attacks.

1. Have your DDoS mitigation plan ready

Organizations must try to anticipate the applications and network services adversaries will target and draft an emergency response plan to mitigate those attacks.

“Enterprises are paying more attention to these attacks and planning how they’ll respond. And they’re getting better at assembling their own internal attack information as well as the information their vendors are providing them to help fight these attacks,” says Tsantes.

IBM’s Price agrees. “Organizations are getting better at response. They’re integrating their internal applications and networking teams, and they know when the attack response needs to be escalated so that they aren’t caught off guard. So as attackers are becoming much more sophisticated, so are the financial institutions,” she says.

“A disaster recovery plan and tested procedures should also be in place in the event a business-impacting DDoS attack does occur, including good public messaging. Diversity of infrastructure both in type and geography can also help mitigate against DDoS as well as appropriate hybridization with public and private cloud,” says Day.

“Any large enterprise should start with network level protection with multiple WAN entry points and agreements with the large traffic scrubbing providers (such as Akamai or F5) to mitigate and re-route attacks before they get to your edge. No physical DDoS devices can keep up with WAN speed attacks, so they must be first scrubbed in the cloud. Make sure that your operations staff has procedures in place to easily re-route traffic for scrubbing and also fail over network devices that get saturated,” says Scott Carlson, technical fellow at BeyondTrust.

2. Make real-time adjustments

While it’s always been true that enterprises need to be able to adjust in real-time to DDoS attacks, it became increasingly so when a wave of attacks struck many in the financial services and banking industry in 2012 and 2013, including the likes of Bank of America, Capital One, Chase, Citibank, PNC Bank and Wells Fargo. These attacks were both relentless and sophisticated.

“Not only were these attacks multi-vector, but the tactics changed in real time,” says Gary Sockrider, solutions architect for the Americas at Arbor Networks. The attackers would watch how sites responded, and when the site came back online, the hackers would adjust with new attack methods.

“They are resolute and they will hit you on some different port, protocol, or from a new source. Always changing tactics,” he says. “Enterprises have to be ready to be as quick and flexible as their adversaries.”

3. Enlist DDoS protection and mitigation services

John Nye, VP of cybersecurity strategy at CynergisTek, explains that there are many things enterprises can do on their own to be ready to adjust for when these attacks hit, but enlisting a third-party DDoS protection service may be the most affordable route.

“Monitoring can be done within the enterprise, typically in the SOC or NOC, to watch for excessive traffic and if it is sufficiently distinguishable from legitimate traffic, then it can be blocked at the web application firewalls (WAF) or with other technical solutions. While it is possible to build a more robust infrastructure that can deal with larger traffic loads, this solution is substantially costlier than using a third-party service,” Nye says.

Chris Day, chief cybersecurity officer at data center services provider Cyxtera, agrees with Nye that enterprises should consider getting specialty help. “Enterprises should work with a DDoS mitigation company and/or their network service provider to have a mitigation capability in place or at least ready to rapidly deploy in the event of an attack.”

“The number one most useful thing that an enterprise can do — if their web presence is that critical to their business — is to enlist a third-party DDoS protection service,” adds Nye. “I will not recommend any particular vendor in this case, as the best choice is circumstantial and if an enterprise is considering using such a service they should thoroughly investigate the options.”

4. Don’t rely only on perimeter defenses

Everyone we interviewed when reporting on the DDoS attacks that struck financial services firms a few years ago found that their traditional on-premises security devices — firewalls, intrusion-prevention systems, load balancers — were unable to block the attacks.

“We watched those devices failing. The lesson there is really simple: You have to have the ability to mitigate the DDoS attacks before it gets to those devices. They’re vulnerable. They’re just as vulnerable as the servers you are trying to protect,” says Sockrider, when speaking of the attacks on banks and financial services a few years ago.

Part of the mitigation effort is going to have to rely on upstream network providers or managed security service providers that can interrupt attacks away from the network perimeter. It’s especially important to mitigate attacks further upstream when you’re facing high-volume attacks.

“If your internet connection is 10GB and you receive a 100GB attack, trying to fight that at the 10GB mark is hopeless. You’ve already been slaughtered upstream,” says Sockrider.

5. Fight application-layer attacks in-line

Attacks on specific applications are generally stealthy, much lower volume and more targeted.

“They’re designed to fly under the radar so you need the protection on-premises or in the data center so that you can perform deep-packet inspection and see everything at the application layer. This is the best way to mitigate these kinds of attacks,” says Sockrider.

“Organizations will need a web protection tool that can handle application layer DoS attacks,” adds Tyler Shields, VP of Strategy, Marketing & Partnerships at Signal Sciences. “Specifically, those that allow you to configure it to meet your business logic. Network based mitigations are no longer going to suffice,” he says.

Amir Jerbi, co-founder and CTO of Aqua Security, a container security company, explains how one of the steps you can take to protect against DDoS attacks is to add redundancy to an application by deploying it on multiple public cloud providers. “This will ensure that if your application or infrastructure provider is being attacked then you can easily scale out to the next cloud deployment,” he says.

6. Collaborate

The banking industry is collaborating a little when it comes to these attacks. Everything they reveal is carefully protected and shared strictly amongst themselves, but in a limited way, banks are doing a better job at collaborating than most industries.

“They’re working among each other and with their telecommunication providers. And they’re working directly with their service providers. They have to. They can’t just work and succeed in isolation,” says Lynn Price, IBM security strategist for the financial sector.

For example, when the financial services industry was targeted, they turned to the Financial Services Information Sharing and Analysis Center for support and to share information about threats.

“In some of these information-sharing meetings, the [big] banks are very open when it comes to talking about the types of attacks underway and the solutions they put into place that proved effective. In that way, the large banks have at least been talking with each other,” says Rich Bolstridge, chief strategist of financial services at Akamai Technologies.

The financial sector’s strategy is one that could and should be adopted elsewhere, regardless of industry.

7. Watch out for secondary attacks

As costly as DDoS attacks can be, they may sometimes be little more than a distraction to provide cover for an even more nefarious attack.

“DDoS can be a diversion tactic for more serious attacks coming in from another direction. Banks need to be aware that they have to not only be monitoring for and defending the DDoS attack, but they also have to have an eye on the notion that the DDoS may only be one aspect of a multifaceted attack, perhaps to steal account or other sensitive information,” Price says.

8. Stay vigilant

Although many times DDoS attacks appear to only target high profile industries and companies, research shows that’s just not accurate. With today’s interconnected digital supply-chains (every enterprise is dependent on dozens if not hundreds of suppliers online), increased online activism expressed through attacks, state sponsored attacks on industries in other nations, and the ease with which DDoS attacks can be initiated, every organization must consider themselves a target.

So be ready, and use the advice in this article as a launching point to build your organization’s own anti-DDoS strategy.

Source: https://www.csoonline.com/article/2133613/network-security/malware-cybercrime-ddos-protection-mitigation-and-defense-7-essential-tips.html


Destructive cyberattacks are only going to get worse

Overlooked among the stark headlines of the sheer scale of personal information hackers stole from credit monitor Equifax, was a Symantec report demonstrating that Dragonfly, a cyber-espionage group, continues to escalate its access to energy facilities’ operational systems in the United States, Turkey, and Switzerland. More than simple exploration and espionage, the report shows a clear step towards pursuing sabotage and destruction, a trend that’s become more common alongside rising geopolitical tensions.

This latest cause for alarm should not be viewed as an anomaly but as the current state-of-cyber in 2017 and beyond. Over the last decade, destructive attacks have been targeting an increasing number and variety of organizations and critical infrastructure, but there has been a noticeable spike over the last year. In December, Crash Override, destructive malware largely attributed to Russia, struck the Ukraine power grid with a highly customized attack that could control the grid circuit switches and breakers. A few weeks earlier, Shamoon 2.0 surfaced, targeting Saudi government entities, infecting thousands of machines and spreading to Gulf states. Soon after, Stonedrill, another destructive malware, surfaced, targeting Saudi entities and at least one European organization.

These attacks are also evolving and bringing additional effects into play. For example, KillDisk, malware with a wiper component, has recently been updated with a ransomware component. On the other hand, NotPetya masqueraded as ransomware, but was likely a targeted wiper malware attack focused on destabilizing business and state organizations in Ukraine. Dragonfly itself reflects an escalation in objectives from general intelligence gathering towards the system control that is necessary for more damaging sabotage.

This sort of escalation to destructive attacks usually occurs between interstate rivals with a higher propensity for conflict. In 2009, the North Korea-linked Dark Seoul gang was among the first to deploy wiper malware within a larger campaign, targeting the United States and South Korea with a combination of DDoS attacks and wiper malware. Similarly, following the Iran nuclear agreement, Iran and Saudi Arabia’s relative cyber ceasefire from 2012-15 gave way to a major escalation of tit-for-tat attacks on websites prior to Shamoon 2.0 and Stonedrill. More recently, the back-and-forth between Russia and Ukraine represents the most prominent use of these destructive attacks and the best example of a major power attacking a smaller country.

In many of these instances, private sector organizations are caught in the crossfire. NotPetya may cost shipping giant Maersk $300 million even though, by most accounts, it was not the intended target. Unfortunately, many of these attack vectors and destructive malware are now in the wild and are likely to be deployed by other groups.

Dragonfly is just the latest reminder that attackers are increasingly brazen, and critical infrastructure remains a prime target. Unlike the series of publicized destructive attacks that have been slowly on the rise for the last decade, we see no proof of actual sabotage with Dragonfly, but pre-positioning is probably underway. We should not panic that the grid is about to go down, but we must pay attention to the trend. Furthermore, although the energy sector is a prime target for destructive attacks, enterprises in other industries including media (I’m looking at you, HBO), finance and beyond must also be ready to protect themselves. As long as geopolitical tensions remain high, and with the growing open source proliferation of nation-state malware, this trend is unlikely to abate any time soon.

Source: http://www.businessinsider.com/equifax-breach-proves-that-cyber-attacks-are-only-going-to-get-worse-2017-9


DOSarrest Rolls Out all New DDoS Protection Software

VANCOUVER, British Columbia, Sept. 11, 2017 (GLOBE NEWSWIRE) — DOSarrest Internet Security announced today that they have released their new DDoS protection software, along with a number of other advances and upgrades. This is DOSarrest’s 5th major release since starting in the fully managed cloud based DDoS protection service in 2007. This latest release is a complete rewrite of DOSarrest’s front end and backend systems utilizing the latest software development tools and technologies.

Some of the new enhancements include:

All new customer facing portal with 15 real-time, interactive traffic statistics displays
Complete new back end with new security features that can be deployed live in seconds
All new big data analytics engine for faster real-time and historical statistics displays
Machine learning module for traffic anomaly and bot detection
All new larger routers and increased upstream capacity in all global locations

Mark Teolis, CEO at DOSarrest, explains, “We are in our 11th year of providing a fully managed cloud based DDoS protection service, and if there’s one thing we have learned it’s that you’d better be ahead of the bad actors. This new release was developed with extreme flexibility in mind; we can basically analyze and create a feature that will stop any sophisticated attacks not yet even seen in the wild.”

Teolis adds, “The biggest misconception in the DDoS protection world is that you only need capacity to fend off DDoS attacks, but in reality your chance of being hit by a small 10Mb/sec attack that will take your site down is millions of times greater.”

About DOSarrest Internet Security: DOSarrest, founded in 2007 in Vancouver, B.C., Canada, is one of only a couple of companies worldwide to specialize in only cloud based DDoS protection services. Additional Web security services offered are Cloud based Web Application Firewall (WAF), Vulnerability Testing and Optimization (VTO), DataCenter Defender-GRE as well as cloud based global load balancing.

Source: https://www.dosarrest.com/news-and-events/dosarrest-rolls-out-all-new-ddos-protection-software/


Sharing is caring, but keep your botnets to yourself

Sharing economy apps are prime targets for malicious attacks.

The boom of mobile applications has superseded traditional services, revolutionising customer experience as we know it. In Australia, peer-to-peer services are being embraced by millions of consumers. A 2017 report by RateSetter revealed that 65% of Australians used sharing economy services like Uber and Airbnb in the past 6 months, with that set to increase to 75% in the next six months.

With users willing to share personal details and financial information for the benefit of convenience or speed, these apps themselves are now a prime target for malicious attacks. These attacks paralyse services potentially for ransom, or worse, to unleash or amplify Distributed Denial of Service (DDoS) attacks to exploit users’ data.

The very nature of DDoS attacks is changing to reflect the app boom. Old fashioned ‘network-layer’ DDoS attacks (the big bandwidth volumetric ones we read about) are being overtaken by smarter ‘application-layer’ attacks which intersperse the good application requests with bad ones that are harder to identify.

As sharing economy apps become prime targets for malicious attacks, so do the services they connect to – and digital transformation means that many of those services are now in the cloud, or were born there natively. Big brands that have a huge amount of consumer data like Airbnb or Uber are moving quickly to the cloud. Airbnb migrated almost all of its cloud computing functions to Amazon Web Services (AWS) only after a year of starting and Uber has been in talks with the likes of Google, Microsoft and Amazon.

The underlying danger of DDoS

According to Neustar’s 2017 ‘Worldwide DDoS Attacks and Cyber Insights Research Report’, 84% of organisations surveyed globally were hit by a DDoS attack in the last 12 months, and 86% of these organisations were hit multiple times.

Within the broader spectrum of risks for corporate security and IT decision makers, DDoS attacks present a growing challenge for several reasons.

Firstly, the number of vulnerable devices has dramatically increased and so too has the level to which DDoS attacks have become automated and commoditised. Where a connection to the Internet previously required something that was more traditionally like a computer, IoT and cloud convergence have enabled even light bulbs to be connected to a network – providing an increased number of sources generating traffic.

Secondly, according to Telstra’s 2017 cybersecurity report, 59% of Australian businesses experienced a DDoS attack on at least a yearly basis, with only 36% reporting a recovery time of within 30 minutes – and that’s a potential 30 minutes of app downtime in an economy where the patience of web and mobile users is measured in seconds.

Security must be embedded in company culture

Large scale DDoS attacks, like the Mirai botnet, gained significant media coverage after successfully impacting sites and services like Amazon, PayPal, Reddit and Twitter. If DDoS can disrupt giants like Amazon, then sharing economy apps like GoGet and Airtasker can become prime targets too, resulting in loss of revenue or customer loyalty.

Organisations should strengthen their stance against all types of attacks and invest in smarter cyber security solutions. An important first step should be to cultivate a culture of cyber security awareness to create on-going conversations across all business units and functions. Anyone who has low awareness of cyber security and does not embrace good digital hygiene can be a weak link.

Most importantly, security assessments must be an integral part of the application development framework, not an afterthought. Having securely coded applications will not only protect critical data at source, but will also enhance customer experiences and their confidence in an organisation.

Ultimately, these simple yet effective measures integrated into every aspect of the organisation will ensure that customer trust is retained and the organisation’s bottom line is protected. Whilst the sharing economy is a prime target for attacks, with well-designed security infrastructure and best practices in place, we can be confident that it will continue to thrive and users’ personal data will remain secure.

Source: https://www.computerworld.com.au/article/627122/sharing-caring-keep-your-botnets-yourself/?


Machine Learning in the DOSarrest Operations

Machine Learning can appear in many different forms and guises, but a general definition of Machine Learning usually incorporates something about computers learning without explicit programming and being able to automatically adapt. And while Machine Learning has been around for decades as a concept, it’s become more of a reality as computational power continues to increase and as the proliferation of Big Data platforms makes it easier to capture floods of data. These developments have made ML practical and garnered a lot of interest, as evidenced by the large number of articles in the last two years surrounding AI and Machine Learning.

However, despite all this, the adoption of Machine Learning is still relatively low amongst companies in the tech landscape (Gartner estimates that fewer than 15 percent of enterprises successfully get machine learning into production). And even when you hear about Company X adopting a machine learning strategy, it’s often conflated with another strategy or service within that company, and not truly realizing the automated ‘adaptiveness’ inherent within ML.

Those companies that do realize a proper machine learning strategy, understanding and grooming their data as well as identifying the appropriate model/s, can see real benefits to their operations, which is why DOSarrest has been developing such a strategy over the last year.

Here at DOSarrest, we’ve been building an Anomaly Detection engine, focusing on the constantly evolving sophisticated application layer attacks. We collect huge amounts of data from disparate sources (e.g. customized web logs, SNMP and flow data, IDS logs, etc.), even when customers are not under attack. This provides an opportunity to identify baselines even in a multi-tenant environment. As you would expect, there is a high degree of cardinality within some of the data fields, which can be challenging to work with when working with data in motion, but can have great benefits.

With these huge structured data sets, we are able to identify KPIs (Key Performance Indicators) and statistics that can be leveraged by the engine to identify anomalous behavior and bring it to the attention of the Security Ops team, who are then able to investigate and act on the identified pattern. The engine continues to refine the probability of a metric, becoming more accurate over time in determining the severity of an anomaly.

The strategy holds great promise, and further developments and refinements to this model will continue to evolve the best Security Operations Center in the business.

A more detailed view of an anomaly – this shows a single IP requesting more than 60 times more frequently than a normal visitor.

This screen gives an overview of any anomalies, organized by relevant factors, in this case the remote IP address of the requestor.

Jag Bains
CTO, DOSarrest Internet Security

Source: https://www.dosarrest.com/ddos-blog/machine-learning-in-the-dosarrest-operations
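The baseline comparison the post describes (one IP requesting far more often than a normal visitor, judged per tenant) can be sketched as follows. This is an added example, not DOSarrest's engine or code; the log format, tenant names, the median baseline and the 60x threshold are assumptions chosen for illustration.

```python
"""Per-tenant request-rate anomaly check over web log lines (illustrative)."""
from collections import Counter, defaultdict
from statistics import median


def build_sample_log():
    """Constructed sample data: '<epoch> <tenant> <client_ip> <method> <path>'.

    Addresses come from the RFC 5737 documentation ranges.
    """
    lines = []
    # Tenant "shop": 20 ordinary visitors, 5 requests each.
    for i in range(20):
        for j in range(5):
            lines.append(f"{1000 + j * 10} shop 192.0.2.{i + 1} GET /item/{j}")
    # One client sending 400 requests to the same tenant.
    for j in range(400):
        lines.append(f"{1000 + j % 60} shop 198.51.100.7 GET /search?q={j}")
    # Tenant "api": every client is naturally busy (300 requests each).
    for i in range(10):
        for j in range(300):
            lines.append(f"{1000 + j % 60} api 203.0.113.{i + 1} POST /v1/events")
    lines.append("garbage line that does not parse")
    return lines


def parse_line(line):
    """Return (timestamp, tenant, ip), or None for a malformed line."""
    parts = line.split(maxsplit=4)
    if len(parts) != 5 or not parts[0].isdigit():
        return None
    return int(parts[0]), parts[1], parts[2]


def find_anomalies(lines, ratio_threshold=60.0, min_clients=5, per_tenant=True):
    """Flag clients whose request count is >= ratio_threshold x the baseline.

    The baseline is the median request count per client, computed per tenant
    (per_tenant=True) or across all tenants together (per_tenant=False).
    """
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # skip malformed input instead of failing the whole run
        _, tenant, ip = rec
        counts[(tenant, ip)] += 1

    # Group clients by the population they are compared against.
    groups = defaultdict(dict)
    for (tenant, ip), n in counts.items():
        groups[tenant if per_tenant else "*"][(tenant, ip)] = n

    findings = []
    for members in groups.values():
        if len(members) < min_clients:
            continue  # too few clients for a meaningful baseline
        baseline = median(members.values())
        for (tenant, ip), n in members.items():
            ratio = n / baseline
            if ratio >= ratio_threshold:
                findings.append({
                    "tenant": tenant,
                    "ip": ip,
                    "requests": n,
                    "baseline": baseline,
                    "ratio": round(ratio, 1),
                })
    return sorted(findings, key=lambda f: (-f["ratio"], f["tenant"], f["ip"]))


if __name__ == "__main__":
    log = build_sample_log()
    print("per-tenant baseline:", find_anomalies(log))
    print("global baseline hits:", len(find_anomalies(log, per_tenant=False)))
```

With a single global baseline, the busy but normal "api" clients are flagged alongside the real outlier, which is why the baseline is kept per tenant.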


Bigger Online Super Series Cancelled due to DDoS Attacks

The Winning Poker Network has cancelled the third leg of its OSS Cub3d series – the Bigger Online Super Series – due to the threat of further DDoS attacks.

The Winning Poker Network’s Bigger Online Super Series (BOSS) was scheduled to be a superb finale to a hugely successful three-tiered OSS Cub3d tournament series. The series had started incredibly well, with events in the Mini Online Super Series beating their guarantees by an average of 67% and the “meat in the sandwich” – the Online Super Series – performing much better than had been expected.

However, towards the end of last week, a series of DDoS attacks disrupted the series. Connection issues resulted in the cancellation of tournaments – not only the feature events in the Online Super Series, but also many qualifying satellites for the Million Dollar Sunday. Fortunately, the Million Dollar Sunday event was able to go ahead but, due to fears of further disruption, the Winning Poker Network has decided to cancel the remaining events in the OSS Cub3d schedule.

New OSS Cub3d Series Scheduled for Later this Month

Announcing the cancellation of the Bigger Online Super Series via the Americas Cardroom Twitch stream, the Winning Poker Network’s CEO – Phil Nagy – explained that the measures needed to be put in place to mitigate the threat of further DDoS would not be completed by Wednesday (the start date for the Bigger Online Super Series). He said rather than risk further frustration and disappointment, he was cancelling the series and rescheduling it for later in the month.

Rather than just run the seventeen events cancelled from this week, the Winning Poker Network’s CEO announced a whole new OSS Cub3d series that will run from September 24th to October 22nd and feature two Million Dollar Sunday events – one with a half-price buy-in of just $265.00. Nagy said he would also honour the current finishing positions in the OSS Cub3d leaderboard promotion and give Punta Cana Poker Classic packages to the players occupying the top three positions.

New Software and Updated Servers will Help Mitigate DDoS Threat

Nagy is confident the rescheduled OSS Cub3d series will be able to go ahead without players suffering the disconnection issues that disrupted last weekend’s events. Within two weeks, new software will be released on updated servers that should be able to withstand DDoS attacks. The long-awaited WPN V2 poker client should also provide players with a more enjoyable online poker experience as many of the bugs that exist with the current version of the software have reportedly been fixed.

Nagy also announced the Americas Cardroom mobile app is due to be released next week. First put into development in January, and expected to take between nine and twelve weeks, the app will support games of Jackpot Poker and Sit & Go 2.0. It is not known whether the app will be available for all skins on the Winning Poker Network, so players wanting to play these games on the go may have to create an account with Americas Cardroom in order to access them.

Bad Pelican Takes Million Dollar Sunday for $269,800

The fact that the Million Dollar Sunday event was able to go ahead last weekend was good news for “Bad Pelican”. The infrequent visitor to the Winning Poker Network topped a field of 2,698 to collect the $269,800 first prize after fourteen hours of play. The massive field ensured the million dollar guarantee was met and, in total, 405 players cashed in the event. The volume of players on the Winning Poker Network also ensured guarantee-busting prize pools for most of the weekend’s tournaments.

Hopefully the next OSS Cub3d series should go without a hitch. As sites on the Winning Poker Network continue to add new features and player benefits, there will be huge expectations for the next OSS Cub3d series, and it will be a huge disappointment – not least for CEO Phil Nagy – if any of the tournaments have to be cancelled due to DDoS attacks or other connection issues.

Source: http://www.pokernewsreport.com/bigger-online-super-series-cancelled-due-to-ddos-attacks-21870


Alleged UK Bank Hacker Extradited From Germany

U.K. officials have extradited the man who allegedly masterminded a cyberattack earlier this year that impacted two of England’s biggest banks. They have accused 29-year-old Daniel Kaye, who was found in Germany, of using an infected computer network to damage and blackmail both Barclays and Lloyds Banking Group, The Financial Times reported.

Following the cyberattack, Lloyds found its digital services crippled on and off for over 48 hours in January 2017, preventing some customers from being able to check their bank balances or send out payments via the network. The assault was a distributed “denial of service” (DDoS) attack, which overwhelms a firm’s website so its services don’t operate properly. The same month, Barclays fought off their own cyberattack, according to the National Crime Agency.

These cybercrime attacks occurred just months following a high-profile cyberattack against Tesco Bank that caused 9,000 people to have their money stolen from accounts. HSBC also saw an attack against its personal banking website and mobile app in 2016, causing thousands of customers to be locked out of their accounts.

“The investigation leading to these charges was complex and crossed borders,” said Luke Wyllie, the National Crime Agency’s senior operations manager. “Our cybercrime officers have analyzed reams of data on the way. Cybercrime is not victimless, and we are determined to bring suspects before the courts,” the Financial Times reported.

Daniel Kaye is also being accused of operating a cyberattack against Liberia’s largest internet provider, Lonestar MTN. Kaye is scheduled to appear in the U.K.’s Westminster Magistrates Court on Aug. 31.

“In January, we were the target of a substantial distributed denial of service (DDoS) attack,” Lloyds Banking Group said in remarks according to news by the Financial Times. “This was successfully defended but resulted in intermittent and temporary service issues for some customers. There was no attempt to access the bank’s systems and no customer details or accounts were compromised.”

Source: http://www.pymnts.com/news/security-and-risk/2017/cybercriminal-daniel-kaye-extradited-following-ddos-cyberattacks/


Tech firms band together to take down Android DDoS botnet

An ad-hoc alliance of tech firms has managed to seriously cripple an Android-based botnet that was being actively used to DDoS multiple content providers. The botnet, dubbed WireX by the researchers, consisted of Android devices with malicious apps installed. In fact, in the wake of the discovery, Google has pulled some 300 such apps from Google Play, began removing them remotely from affected users’ devices, and blocked them from being installed.

The malicious apps

The …


3 Ways to Defeat DDoS Attacks

In 2012, a number of DDoS attacks hit Bank of America, JPMorgan Chase, Wells Fargo, U.S. Bank and PNC Bank. These attacks have since spread across most industries from government agencies to local schools and are showing an almost yearly evolution, with the most recent focus being the Internet of Things (IoT). In 2016, compromised cameras, printers, DVRs and other IoT appliances were used in a large attack on Dyn that took down major websites including Amazon, Twitter, Netflix, Etsy and Spotify.

Inside Distributed Denial-of-Service Threats

Although these large attacks dominate the headlines, they’re not what most enterprises will deal with day to day. The most common attacks are in the range of 20 to 30 Gbps or less, while larger attacks have been reported at 1.2 Tbps.

Creating DDoS Defense

Security technology is becoming more sophisticated, but so are hackers, which means attacks can be much more difficult to mitigate now than in the past. Enterprises must be knowledgeable and prepared with mitigation techniques as the attacks continue to evolve. DDoS mitigation comes in three models:

Scrubbing Centers

The most common DDoS mitigation option for enterprises is to buy access to a scrubbing center service. During an attack, traffic is redirected to the security provider’s network, where the bad traffic is “scrubbed out” and only good traffic is returned to the customer. This option is good for multi-ISP environments and can be used to counter both volumetric and application-based attacks. For added protection, some providers can actually place a device in your data center, but this is not as cost-effective as the cloud-based option.

ISP Clean Pipes Approach

With the rise of DDoS attacks, many ISPs have started their own scrubbing centers internally, and for a premium will monitor and mitigate attacks on their customers’ websites. In this scenario, ISPs operate as a one-stop-shop for bandwidth, hosting and DDoS mitigation. But some ISPs are more experienced at this than others, so customers must be sure to thoroughly test and research the quality of the service offered by their ISPs.

Content Delivery Network Approach

The distributed nature of content delivery networks (CDNs) means that websites live globally on multiple servers versus one origin server, making them difficult to take down. Large CDNs may have over 100,000 servers distributing or caching web content all over the world. However, CDN-based mitigation is really only a good option for enterprises that require core CDN functionality, as porting content to a CDN can be a time-intensive project.

Source: https://www.forbes.com/sites/gartnergroup/2017/08/28/3-ways-to-defeat-ddos-attacks/#dda62aada78f


Week in review: Android Oreo security, hacking robots, DDoS attacks on the rise

Here’s an overview of some of last week’s most interesting news, podcasts and articles:

Judge limits DOJ’s search of anti-Trump website data

On Thursday, District of Columbia Superior Court Judge Robert Morin ruled that DreamHost must comply with the narrowed warrant, but has further limited the government’s access to the asked-for data, in order to limit exposure of sensitive user information.

Review: Securing the Internet of Things

The authors do a good job explaining the …
