The Rising Threat of DDoS Attacks
Is Your Business At Risk?
NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 |
Daniel Fluke, Ph.D
NetStandard Inc.
What Is A DoS or DDoS Attack?
A Denial of Service (DoS) or Distributed Denial of Service (DDoS) attack is an
attempt by a malicious party to make a machine or network resource (like a
website) unavailable to its intended users (your customers).
Targets:
• Financial Institutions
• Small/Midsized Businesses
• Retail
DoS or DDoS: What’s the Difference?
DoS – Denial of Service
A Denial of Service attack is an attempt by a single machine to prevent others from utilizing your website resources.
DDoS – Distributed Denial of Service
A Distributed Denial of Service attack is an attempt by multiple machines to prevent others from utilizing your website resources.
Types of DDoS Attacks
There are multiple types of attacks that can effectively make your systems
inaccessible or unresponsive to users.
Three general types of attacks:
1. Volume-Based Attacks
2. Protocol Attacks
3. Application Layer Attacks
Volume-Based Attacks
Goal: To saturate the bandwidth of the attacked site. The magnitude of this type of
attack is typically measured in bits per second.
Attacks include:
• UDP Floods
• ICMP Floods
• Spoofed Packet Floods
Protocol Attacks
Goal: To consume the resources of either the servers or the intermediate
communication equipment, such as routers, load balancers and/or firewalls. Protocol
attacks are usually measured in packets per second.
Attacks include:
• SYN Floods
• Fragmented Packet Attacks
• The Ping of Death
• Smurf DDoS
Application Layer Attacks
Goal: To crash web servers. Arguably the most dangerous form of DDoS attack, these
attacks are often comprised of seemingly legitimate and innocent requests.
Application layer attacks are often measured in requests per second.
Attacks include:
• Slowloris
• Zero-day DDoS attacks
• DDoS attacks on Apache, Windows or OpenBSD vulnerabilities
In Q1 of 2013, the Prolexic Global DDoS Attack Report gives the following breakdown
of the types of attacks being carried out:
• SYN Flood – Spoofed SYN packets fill the connection tables of your servers
• ICMP Flood – ICMP packets overload servers and inbound bandwidth
• Non-Service Port Flood – TCP/UDP packets overload servers and inbound bandwidth on ports not being used for services (e.g., port 81)
• Service Port Flood – Packets overload servers and inbound bandwidth on ports being used for services (e.g., port 80)
• Fragmented Flood – Fragmented packets are sent to servers, causing them to overload as they process those packets
• HTTP GET Flood – HTTP GET requests flood servers and incoming bandwidth on in-use service ports, mimicking valid traffic
How Is An Attack Launched?
• In order to launch a DDoS attack, attackers need between several hundred and several thousand compromised hosts.
  – Hosts are usually Linux and SUN computers, but tools can be ported to other platforms.
• Compromising a host and installing tools is automated. The process can be divided into four steps:
  1. Attackers initiate scan phase
  2. Identified vulnerable hosts are compromised
  3. Tools installed on each host
  4. Compromised hosts are used for further scanning and compromising
How Is An Attack Controlled?
Using a command and control system, attackers create subordinate systems that can control the attacking machines.
• Attackers can compromise and install tools on a single host in under 5 seconds
• Several thousand hosts can be compromised in less than an hour
• Large attacks may have multiple subordinate control systems and thousands of bots
• Commands can be passed on to initiate and control attacking machines
The Origins of Attacks
Top 10 Attack Source Countries:
*Prolexic Global DDoS Attack Report, Q1 2013
What Motivates Attackers?
• Revenge against a company’s policies or practices
• Revenge against a company for something posted on social media
• Eliciting ransom money to stop the attack
• Ransoming bandwidth and availability
• Because they can
Are You A Target?
EVERY BUSINESS IS A TARGET.
Some, however, are more popular targets than others:
• Banks and financial institutions
• Consumer goods retailers
• Manufacturers
• Companies in the news
• Companies engaging in political, cultural or social hot-button issues, whether through comments in social media or day-to-day practices.
Know When You’re Under Attack
Key signs your business is under attack:
• Abnormally high or unexpected loads on websites
• “Service Unavailable” messages
• Abnormalities or unusual activity in website statistics
• Suspicious activity in log files
• Abnormally high bandwidth utilization
If your company is in the cloud, you could be affected when another company hosted by your provider is attacked. Selecting a provider with plenty of additional bandwidth can help absorb the bandwidth demands and mitigate the impact to your business.
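The signs listed above can be checked automatically against a web access log. The following is an added example, not part of the original slides: it buckets requests per second, flags seconds with a request-rate spike or a high share of 503 "Service Unavailable" responses, and reports the per-source maximum, which shows why a distributed HTTP GET flood stays under any per-IP limit. The Common Log Format input, the thresholds and the sample addresses (documentation ranges) are assumptions.

```python
"""Added example: flag flood-like seconds in a web access log (defensive triage)."""
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone
from statistics import median

# Common Log Format: ip ident user [time] "METHOD path proto" status bytes
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+'
)


def parse_line(line):
    """Return (timestamp, ip, method, path, status), or None if unparseable."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return ts, m["ip"], m["method"], m["path"], int(m["status"])


def find_flood_seconds(lines, rate_factor=5.0, min_rps=20, unavailable_ratio=0.2):
    """Return one alert dict per second that looks like an application-layer flood.

    Thresholds are illustrative assumptions; in production the baseline should
    come from known-good history, not from the window being inspected.
    """
    buckets = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is not None:
            buckets[rec[0]].append(rec)
    if not buckets:
        return []

    # Median requests/second over seconds that saw traffic; robust to a short burst.
    baseline = median(len(recs) for recs in buckets.values())
    alerts = []
    for ts in sorted(buckets):
        recs = buckets[ts]
        rps = len(recs)
        if rps < min_rps:
            continue  # too little traffic for the ratios to mean anything
        n503 = sum(1 for r in recs if r[4] == 503)
        per_ip = Counter(r[1] for r in recs)
        top_path, top_hits = Counter(r[3] for r in recs).most_common(1)[0]
        reasons = []
        if rps >= rate_factor * baseline:
            reasons.append("request-rate spike")
        if n503 / rps >= unavailable_ratio:
            reasons.append("service-unavailable responses")
        if reasons:
            alerts.append({
                "second": ts.isoformat(),
                "rps": rps,
                "baseline_rps": baseline,
                "sources": len(per_ip),
                "max_per_source": max(per_ip.values()),  # low when the flood is distributed
                "top_path": top_path,
                "top_path_share": top_hits / rps,
                "ratio_503": n503 / rps,
                "reasons": reasons,
            })
    return alerts


def build_sample_log():
    """Constructed sample: 10 quiet seconds, then 3 seconds of a distributed GET flood."""
    start = datetime(2013, 4, 1, 12, 0, 0, tzinfo=timezone.utc)
    lines = []

    def emit(ts, ip, path, status):
        stamp = ts.strftime("%d/%b/%Y:%H:%M:%S %z")
        lines.append(f'{ip} - - [{stamp}] "GET {path} HTTP/1.1" {status} 512')

    for s in range(10):  # normal traffic: 2 requests per second
        ts = start + timedelta(seconds=s)
        emit(ts, "198.51.100.10", "/", 200)
        emit(ts, "198.51.100.11", "/products", 200)
    for s in range(10, 13):  # flood: 60 sources, one request each per second
        ts = start + timedelta(seconds=s)
        for i in range(1, 61):
            # after the first flood second the server starts answering 503
            status = 503 if (s > 10 and i > 30) else 200
            emit(ts, f"203.0.113.{i}", "/search", status)
    return lines


if __name__ == "__main__":
    for alert in find_flood_seconds(build_sample_log()):
        print(alert)
```

Each flagged second shows 60 requests from 60 sources with at most one request per source, so only the aggregate rate and the 503 share reveal the attack.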
Prepare Before An Attack
Create a plan before an attack:
• Know Your Vulnerabilities – What is happening internally that might make attackers aware of your presence?
• Increase Resiliency and Availability – Implement industry best practices for network infrastructure, applications, critical support services and DNS.
• Secure Potential Bottlenecks – Ensure systems are configured correctly.
• Watch Your Systems and Network – Use automated tools to monitor and alert on suspicious activity.
• Small Attacks Happen, Too – Nearly 50% of attacks are less than 5GB, and 25% are 1GB or less.
• Beware of Application Attacks – These are much harder to recognize than network layer attacks.
Prepare Before An Attack
Create a plan before an attack, cont.:
• Beware Blended Attacks – Attackers are increasingly combining network and application layer attacks.
• Look for Suspicious Activity – Be aware of the possibilities of suspicious activity, like social engineering, during an attack. Sometimes DDoS is used as a distraction.
• Make Friends Upstream – Your ISP can help identify and mitigate attacks. Work with them to implement various strategies that can help before an attack and after.
• Sign Up For DoS/DDoS Mitigation Services – Consider signing up for a DoS/DDoS mitigation service, like those provided by AT&T, Verisign, Arbor Networks and Prolexic.
What If I’m Attacked?
Your response to an attack is dependent upon what type of attack is being waged. Initial steps should include:
• Block the attack with packet filters on your routers. If possible, do this at the border of your network or through your ISP.
• Null route, or blackhole, the IP address being attacked on your border routers or on your ISP’s border routers. This will effectively shut down the service attached to that IP address, but it could keep other systems online and available.
• Use Anycast and Multicast Source Discovery Protocol (MSDP) if your company has websites co-hosted at several locations.
DDoS In The News
Independent Newspapers – Received attack following the publishing of an article
in support of Zimbabwean President Robert Mugabe.
The Spamhaus Project – Spam crusaders have been battling massive DDoS attacks
that have reportedly resulted in a slowdown of the entire Web.
Attacks on U.S. Banks – An Islamic group launched a third wave of high-powered
DDoS attacks against U.S. banks in March 2013 and is reportedly targeting other
financial institutions.
Questions?
Contact us!

More Related Content

Recently uploaded

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 

Recently uploaded (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

Featured

Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Applitools
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at WorkGetSmarter
 

Featured (20)

Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work
 

The Rising Threat of DDoS Attacks: Is Your Business at Risk?

  • 1. The Rising Threat of DDoS Attacks Is Your Business At Risk? NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Daniel Fluke, Ph.D NetStandard Inc.
  • 2. What Is A DoS or DDoS Attack? A Denial of Service (DoS) or Distributed Denial of Service (DDoS) attack is an attempt by a malicious party to make a machine or network resource (like a website) unavailable to its intended users (your customers). Targets: • Financial Institutions • Small/Midsized Businesses • Retail NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 |
  • 3. DoS or DDoS: What’s the Difference? DoS – Denial of Service A Denial of Service attack is an attempt by a single machine to prevent others from utilizing your website resources. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 |
  • 4. DoS or DDoS: What’s the Difference? NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | DDoS – Distributed Denial of Service A Distributed Denial of Service attack is an attempt by multiple machines to prevent others from utilizing your website resources.
  • 5. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Types of DDoS Attacks There are multiple types of attacks that can effectively make your systems inaccessible or unresponsive to users. Three general types of attacks: 1. Volume-Based Attacks 2. Protocol Attacks 3. Application Layer Attacks
  • 6. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Types of DDoS Attacks Volume-Based Attacks Goal: To saturate the bandwidth of the attacked site. The magnitude of this type of attack is typically measured in bits per second. Attack Includes: • UDP Floods • ICMP Floods • Spoofed Packet Floods
  • 7. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Types of DDoS Attacks Protocol Attacks Goal: To consume the resources of either the servers or the intermediate communication equipment, such as routers, load balancers and/or firewalls. Protocol attacks are usually measured in packets per second. Attack Includes: • SYN Floods • Fragmented Packet Attacks • The Ping of Death • Smurf DDoS
  • 8. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Types of DDoS Attacks Application Layer Attacks Goal: To crash web servers. Arguably the most dangerous form of DDoS attack, these attacks are often comprised of seemingly legitimate and innocent requests. Application layer attacks are often measured in requests per second. Attack Includes: • Slowloris • Zero-day DDoS attacks • DDoS attacks on Apache, Windows or OpenBSD vulnerabilities
  • 9. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Types of DDoS Attacks In Q1 of 2013, the Prolexic Global DDoS Attack Report gives the following breakdown of the types of attacks being carried out:
  • 10. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Types of DDoS Attacks In Q1 of 2013, the Prolexic Global DDoS Attack Report gives the following breakdown of the types of attacks being carried out: • Syn Flood – Spoofed Syn packets fill the connection tables of your servers • ICMP Flood – ICMP packets overload servers and inbound bandwidth • Non-Service Port Flood – TCP/UDP packets overload servers and inbound bandwidth on ports not being used for services (i.e., Port 81) • Service Port Flood – Packets overload servers and inbound bandwidth on ports being used for services (i.e., Port 80) • Fragmented Flood – Fragmented packets are sent to servers, causing them to overload as they process those packets • HTTP Get Flood – HTTP Get requests flood servers and incoming bandwidth on in-use service ports, mimicking valid traffic
  • 11. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | How Is An Attack Launched? • In order to launch a DDoS attack, attackers need between several hundred and several thousand compromised hosts. Hosts are usually Linux and SUN computers, but tools can be ported to other platforms • Compromising a host and installing tools is automated. The process can be divided into four steps: 1. Attackers initiate scan phase 2. Identified vulnerable hosts are compromised 3. Tools installed on each host 4. Compromised hosts are used for further scanning and compromising
  • 12. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | How Is An Attack Controlled? Using a command and control system, attackers create subordinate systems that can control the attacking machines. • Attackers can compromise and install tools on a single host in under 5 seconds • Several thousand hosts can be compromised in less than an hour • Large attacks may have multiple subordinate control systems and thousands of Bots • Commands can be passed on to initiate and control attacking machines
  • 13. The Origins of Attacks: Top 10 Attack Source Countries: *Prolexic Global DDoS Attack Report, Q1 2013
  • 14. What Motivates Attackers?
      • Revenge against a company’s policies or practices
      • Revenge against a company for something posted on social media
      • Eliciting ransom money to stop the attack
      • Ransoming bandwidth and availability
      • Because they can
  • 15. Are You A Target? EVERY BUSINESS IS A TARGET. Some, however, are more popular targets than others:
      • Banks and financial institutions
      • Consumer goods retailers
      • Manufacturers
      • Companies in the news
      • Companies engaging in political, cultural or social hot-button issues, whether through comments in social media or day-to-day practices
  • 16. Know When You’re Under Attack. Key signs your business is under attack:
      • Abnormally high or unexpected loads on websites
      • “Service Unavailable” messages
      • Abnormalities or unusual activity in website statistics
      • Suspicious activity in log files
      • Abnormally high bandwidth utilization
    If your company is in the cloud, you could be affected when another company hosted by your provider is attacked. Selecting a provider with plenty of additional bandwidth can help absorb the bandwidth demands of an attack and mitigate the impact to your business.
  • 17. Prepare Before An Attack. Create a plan before an attack:
      • Know Your Vulnerabilities – What is happening internally that might make attackers aware of your presence?
      • Increase Resiliency and Availability – Implement industry best practices for network infrastructure, applications, critical support services and DNS.
      • Secure Potential Bottlenecks – Ensure systems are configured correctly.
      • Watch Your Systems and Network – Use automated tools to monitor and alert on suspicious activity.
      • Small Attacks Happen, Too – Nearly 50% of attacks are less than 5GB, and 25% are 1GB or less.
      • Beware of Application Attacks – These are much harder to recognize than network layer attacks.
  • 18. Prepare Before An Attack. Create a plan before an attack, cont.:
      • Beware Blended Attacks – Attackers are increasingly combining network and application layer attacks.
      • Look for Suspicious Activity – Be aware of the possibilities of suspicious activity, like social engineering, during an attack. Sometimes DDoS is used as a distraction.
      • Make Friends Upstream – Your ISP can help identify and mitigate attacks. Work with them to implement various strategies that can help before an attack and after.
      • Sign Up For DoS/DDoS Mitigation Services – Consider signing up for a DoS/DDoS mitigation service, like those provided by AT&T, Verisign, Arbor Networks and Prolexic.
  • 19. What If I’m Attacked? Your response to an attack is dependent upon what type of attack is being waged. Initial steps should include:
      • Block the attack with packet filters on your routers. If possible, do this at the border of your network or through your ISP.
      • Null route, or blackhole, the IP address being attacked on your border routers or on your ISP’s border routers. This will effectively shut down the service attached to that IP address, but it could keep other systems online and available.
      • Use Anycast and Multicast Source Discovery Protocol (MSDP) if your company has websites co-hosted at several locations.
  • 20. DDoS In The News
      • Independent Newspapers – Received attack following the publishing of an article in support of Zimbabwean President Robert Mugabe.
      • The Spamhaus Project – Spam crusaders have been battling massive DDoS attacks that have reportedly resulted in a slowdown of the entire Web.
      • Attacks on U.S. Banks – An Islamic group launched a third wave of high-powered DDoS attacks against U.S. banks in March 2013 and is reportedly targeting other financial institutions.
  • 21. Questions? Contact us!

Editor's Notes

  1. The whole point of a Denial of Service (DoS) attack is to deny your legitimate users access to those resources.
  2. The process of compromising a host and installing the tool is automated. The process can be divided into these steps, in which the attackers:
      • Initiate a scan phase in which a large number of hosts (on the order of 100,000 or more) are probed for a known vulnerability.
      • Compromise the vulnerable hosts to gain access.
      • Install the tool on each host.
      • Use the compromised hosts for further scanning and compromises.
  3. Because an automated process is used, attackers can compromise and install the tool on a single host in under five seconds. In other words, several thousand hosts can be compromised in under an hour. In essence, the attacker, using a command and control system, may create subordinate systems that can control the attacking machines. Very large attacks may have multiple subordinate control systems and hundreds or thousands of Bots that will actually be the originating attacking machines. Commands can be passed along to initiate and control the attacking machines, thus denying access to your resources.
  4. According to the Prolexic Global DDoS Attack Report, Q1 2013: The top 10 Attack Source Countries are
  5. Attackers can be motivated by any number of reasons.
      • Revenge against your company for some policy you may have
      • Revenge against your company for something that your company posted on a social media site
      • Damaging your business to elicit payment from you to stop the attack
      • Attackers may be seeking to ransom your bandwidth and availability, and if you pay them off they will stop the attack.
      • Sometimes it is just BECAUSE THEY CAN!
  6. Just about every type of business can be a target, and likely has been in some fashion over the course of the last 10 years or so. Some of the favorite targets are:
      • Banks and other financial institutions
      • Consumer goods retailers and manufacturers
      • Companies that are in the news
      • Companies that have just made someone or some group mad because of their policies, comments in social media or any number of other reasons
  7. How do you know you are being attacked?
      • Regularly monitor your web site performance. If loads are abnormally high and unexpected, you may be under attack.
      • You may start seeing Service Unavailable messages that might indicate that your services are heavily loaded.
      • Pay attention to your web statistics, reviewing them for anomalies that might indicate unusual activity.
      • Check your log files for suspicious activity.
      • Monitor bandwidth utilization to identify potential attack activity.
  8. Attacks are cheap to launch and expensive to combat!
  9. Attacks are cheap to launch and expensive to combat!
  10. Attacks are cheap to launch and expensive to combat!
  11. Independent Newspapers has confirmed a report that it has come under a cyber attack. The online division, IOL, was offline on Wednesday amid reports that it had sustained a DDOS attack for publishing an article in support of Zimbabwean president Robert Mugabe.
      Distributed denial-of-service (DDoS) attacks that could be related have …. slammed the DNS servers of at least three providers of domain name management and DNS hosting services. DNSimple, easyDNS and TPP Wholesale all reported temporary DNS service outages and degradation on Monday, citing DDoS attacks as the reason.
      Spam crusaders The Spamhaus Project have been battling massive distributed denial of service (DDoS) attacks that have reportedly resulted in a slowdown of the entire Web.
      An Islamic group that launched a third wave of high-powered dedicated denial-of-service (DDoS) attacks against U.S. banks in March has started targeting other financial organizations, including credit card companies and financial brokerages, security experts say.
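
The signs listed on the "Know When You’re Under Attack" slide and in editor's note 7 (abnormal load, "Service Unavailable" messages, suspicious activity in log files) can be checked automatically against a web access log. The Python script below is an added example, not part of the original presentation; the log lines, addresses, function names and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" (\d{3}) ')  # client, time, status

def make_sample_log():
    """Constructed sample: 5 normal minutes, then 2 minutes of a GET surge with 503s."""
    lines = []
    for minute in range(7):
        surge = minute >= 5
        for i in range(400 if surge else 30):
            ip = f"203.0.113.{i % 200}" if surge else f"198.51.100.{i % 10}"
            status = 503 if surge and i % 2 else 200
            lines.append(f'{ip} - - [12/Apr/2013:10:{minute:02d}:{i % 60:02d} +0000] '
                         f'"GET / HTTP/1.1" {status} 512')
    return lines

def per_minute_stats(lines):
    """Bucket requests by minute: total requests, 503 count, distinct client IPs."""
    buckets = defaultdict(lambda: {"requests": 0, "unavailable": 0, "clients": set()})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the whole scan
        ip, ts, status = m.groups()
        b = buckets[datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z").replace(second=0)]
        b["requests"] += 1
        b["unavailable"] += status == "503"
        b["clients"].add(ip)
    return dict(sorted(buckets.items()))

def flag_minutes(stats, load_factor=5.0, max_503_ratio=0.2):
    """Flag minutes above load_factor x median load or above max_503_ratio (assumed thresholds)."""
    baseline = median(b["requests"] for b in stats.values())
    alerts = []
    for minute, b in stats.items():
        reasons = []
        if b["requests"] > load_factor * baseline:
            reasons.append("abnormal load")
        if b["unavailable"] / b["requests"] > max_503_ratio:
            reasons.append("service unavailable responses")
        if reasons:
            alerts.append((minute.strftime("%H:%M"), b["requests"], len(b["clients"]), reasons))
    return alerts

if __name__ == "__main__":
    print(*flag_minutes(per_minute_stats(make_sample_log())), sep="\n")
```

The median baseline only works while attack traffic covers less than half of the scanned window; for longer incidents, compare against a baseline taken from a known-quiet period instead.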