Attackers Vs. Defenders: Restoring the Equilibrium
Ron Meyran
Director of Security Marketing

January 2013
AGENDA

Cyber security Statistics
About 2012 Global Security Report
Key Findings
ERT Case Studies
2013 Recommendations
Cyber Security Study

•   A research study by Ponemon & Radware
•   Surveyed 700 IT & IT Security Practitioners
•   Non Radware customers
•   Release date: November 12th 2012




Cyber Security Business Priorities

Ranking of cyber security objectives in terms of a business priority objective
5 = Highest Priority to 1 = Lowest Priority

•   Interoperability: 1.9
•   Confidentiality: 2.8
•   Integrity: 3.5
•   Compliance: 4.4
•   Availability: 4.7

DDoS Attacks Frequency

How many DDoS attacks experienced in the past 12 months?

65% of organizations had an average of 3 DDoS attacks in the past 12 months

Average downtime during one DDoS attack

54 minutes average downtime during one DDoS attack

[Chart: share of respondents by downtime per attack; labelled categories run from "Less than 1 minute" through "11 to 20 minutes", "31 to 60 minutes" and "3 to 5 hours" to "Cannot determine"]

Cost of Downtime

$22,000 average cost per minute of downtime
$3,000,000 average annual cost of DDoS attacks

[Chart: cost per minute of downtime, share of respondents]

Information Resources

• Radware Security Survey
   – External survey
   – 179 participants
   – 95.5% are not using Radware DoS mitigation solution
• ERT Survey
   – Internal survey
   – Unique visibility into attack behaviour
   – 95 selected cases
       • Customer identity remains undisclosed

ERT gets to see attacks in real-time on a daily basis

Organizations Bring a Knife to a Gunfight

• "Someone who brings a knife to a gun fight"
   – Is someone who does prepare himself for the fight, but does not
     understand its true nature
• Organizations today are like that
   – They do invest before the attack starts, and conduct excellent
     forensics after it is over,
   – however, they have one critical blind-spot – they don't have
     the capabilities or resources to sustain a long, complicated
     attack campaign.
• Attackers target this blind spot!




Attacked in 2012




   They had the budget
 They made the investment
And yet they went offline



Organizations Deploy Two-phase Security Approach

Industry Security Survey
How much did your organization invest in each of the following security aspects in the last year?

[Chart: share of investment (0% to 45%) in Procedures, Human skills and Equipment, by phase: Before, During, After]

Only 21% of company efforts are invested during the attack itself, while 79% is spent during the pre-attack and post-attack phase.

But attacks today have 3 phases




Attacks last longer

[Chart: share of DoS attacks by duration (1-2 days, half a week, 1 week), 2011 vs. 2012]

Attacks last longer: The number of DoS attacks lasting over a week had doubled in 2012

And become more complex

ERT Cases – Attack Vectors

[Chart: share of ERT cases by attack complexity level (5-6, 7-8, 9-10), 2011 vs. 2012]

Attacks are more complex: 2012 DoS/DDoS attacks have become more sophisticated, using more complex attack vectors. Note the number of attacks using a complexity level of 7-10.

Content Delivery Network (CDN)

Do you consider Content Delivery Networks (CDNs) a solution for a DoS/DDoS attack?

•   Yes: 70%
•   No: 30%

70% of the companies who use CDN believe the CDN is a solution for DoS/DDoS attacks.

Attacks Evade CDN service

• In recent cyber attacks the CDN was easily bypassed
    – By changing the page request in every Web transaction
• These random request techniques force CDNs to "raise the curtain"
    – All the attack traffic is disembarked directly to the customer premise
    – More complex to mitigate attacks masked by CDN

[Diagram: legitimate users send GET www.exmaple.com through the Internet and the CDN service to the backend webserver; a botnet sends GET www.exmaple.com/?[Random]; legitimate requests are refused]

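Added example (not part of the original slides): a defender-side check for the pattern described above, run over origin access logs, together with the cache-key normalization that lets the CDN absorb such requests again. The log format, the hostname, the thresholds and the ALLOWED_PARAMS list are assumptions made for this illustration, and the log lines are constructed.

```python
from collections import defaultdict
from urllib.parse import parse_qsl, urlencode, urlsplit

# Constructed sample of origin-side access log lines (not real traffic).
# Assumed format: <client-ip> <method> <url> <cdn-cache-status>
SAMPLE_LOG = """\
198.51.100.7 GET http://www.example.com/ HIT
198.51.100.9 GET http://www.example.com/?lang=en HIT
198.51.100.7 GET http://www.example.com/products?page=2 HIT
198.51.100.12 GET http://www.example.com/products?page=2 HIT
198.51.100.9 GET http://www.example.com/products?page=3 MISS
203.0.113.21 GET http://www.example.com/?q7x2m9 MISS
203.0.113.22 GET http://www.example.com/?r=81723 MISS
203.0.113.23 GET http://www.example.com/?zk4p0a MISS
203.0.113.21 GET http://www.example.com/?r=55102 MISS
203.0.113.24 GET http://www.example.com/?b19vc3 MISS
203.0.113.22 GET http://www.example.com/?m2n8qq MISS
"""

# Assumption: the only query parameters the application really uses.
ALLOWED_PARAMS = {"lang", "page"}


def normalized_cache_key(url, allowed_params=ALLOWED_PARAMS):
    """Cache key with unknown query parameters dropped and the rest sorted.

    Random or unknown parameters no longer create a new cache entry, so the
    CDN can answer from cache instead of forwarding to the origin.
    """
    parts = urlsplit(url)
    kept = sorted(
        (k, v)
        for k, v in parse_qsl(parts.query, keep_blank_values=True)
        if k in allowed_params
    )
    return parts.path + ("?" + urlencode(kept) if kept else "")


def analyze(log_text, min_requests=5, uniq_ratio=0.7, miss_ratio=0.7):
    """Per-path statistics; flags paths that look like cache-busting floods.

    A path is flagged when it has enough requests, almost every request
    carries a different query string, and most of them missed the cache.
    """
    stats = defaultdict(
        lambda: {"requests": 0, "misses": 0, "queries": set(), "keys": set()}
    )
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _ip, method, url, status = line.split()
        if method != "GET":
            continue
        parts = urlsplit(url)
        s = stats[parts.path]
        s["requests"] += 1
        s["misses"] += status == "MISS"
        s["queries"].add(parts.query)
        s["keys"].add(normalized_cache_key(url))

    report = {}
    for path, s in stats.items():
        n = s["requests"]
        unique = len(s["queries"]) / n
        missed = s["misses"] / n
        report[path] = {
            "requests": n,
            "distinct_queries": len(s["queries"]),
            "miss_ratio": round(missed, 2),
            "distinct_keys_after_normalization": len(s["keys"]),
            "suspected_cache_busting": (
                n >= min_requests and unique >= uniq_ratio and missed >= miss_ratio
            ),
        }
    return report


if __name__ == "__main__":
    for path, row in analyze(SAMPLE_LOG).items():
        print(path, row)
```

In the sample, eight distinct query strings on "/" collapse to two cache keys once unknown parameters are stripped, which is the effect a CDN cache-key rule would have.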
Attackers are well prepared

• By definition the defenders lose the battle
• Equilibrium has been disrupted




The good news (1)

Organizations start understanding the risk of DDoS

Industry Security Survey
How likely is it that your organization will be attacked by cyber warfare?

•   Very likely: 10%
•   Likely: 8%
•   Possible: 37%
•   Unlikely: 45%

Over half of the organizations believe their organization is likely to be attacked by cyber warfare.

The good news (2)

Organizations start understanding Firewall and IPS cannot fight DDoS attacks

Industry Security Survey
Which solutions do you use against DoS attacks?

[Chart: share of respondents per solution (0% to 45%), 2011 vs. 2012]

Conclusions

• Today's attacks are different
   – Carefully planned
   – Last days or weeks
   – Switching between attack vectors
• Organizations are ready to fight yesterday's attacks
   – Deploy security solutions that can absorb the first strike
   – But when attacks prolong - they have very limited gunfire
   – By the time they succeed blocking the first two attack
     vectors, attackers switch to a third, more powerful one




A different approach is needed

• A team of security experts
   –   Acquire capabilities to sustain long attacks
   –   Train a team that is ready to respond to persistent attacks
   –   Deploy the most up-to-date methodologies and tools
   –   24 x 7 availability to respond to attacks
   –   Deploy counterattack techniques to cripple an attack




US Banks Under Attack: from the news




US Banks Under Attack: Operation Ababil

• Publication of the 'Innocence of Muslim' film on YouTube invokes
  demonstrations throughout the Muslim world
• September 18th - 'Cyber Fighters of Izz ad-din Al Qassam' announced
  an upcoming cyber attack campaign against 'American and Zionist'
  targets.




Attack Summary

• Attack targets
   – Bank of America
   – New York Stock Exchange (NYSE)
   – Chase
   – Wells Fargo
• Attacks lasted Sep 18-21, 2012
• Multiple attack waves on each
  target, each wave lasted 4 to 9 hours
• Victims suffered from temporary outages
  and network slowness
• ERT was actively involved in protecting
  the attacked organizations




Why it was so challenging?

Multi-vulnerability attack campaign
• Mitigation nearly impossible
• Attackers look for the blind spot

[Diagram labelled "Business", showing the attack vectors:]
• UDP Garbage flood on ports 80 and 443
• Large volume SYN flood
• SSL Client Hello flood
• HTTP flood attack

Recent updates

• HTTP flood was carried from compromised hosting servers
   – Highly distributed attacks




ERT recommendations for 2013

• Acquire capabilities to sustain a long sophisticated cyber
  attack
• Attack tools are known. Test yourself
• Carefully plan the position of DoS/DDoS mitigation within
  network architecture
   – On premise capabilities
   – In the cloud capabilities




Thank You
   Ron Meyran
ronm@radware.com

 
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance
Mobile Web Stress:  Understanding the Neurological Impact of Poor PerformanceMobile Web Stress:  Understanding the Neurological Impact of Poor Performance
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance
 
Emotional Engagement and Brand Perception
Emotional Engagement and Brand PerceptionEmotional Engagement and Brand Perception
Emotional Engagement and Brand Perception
 
InfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014:  The Art Of Cyber WarInfoSecurity Europe 2014:  The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber War
 
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
OpenStack Networking:  Developing and Delivering a Commercial Solution for Lo...OpenStack Networking:  Developing and Delivering a Commercial Solution for Lo...
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
 
SecureWorld St. Louis: Survival in an Evolving Threat Landscape
SecureWorld St. Louis:  Survival in an Evolving Threat LandscapeSecureWorld St. Louis:  Survival in an Evolving Threat Landscape
SecureWorld St. Louis: Survival in an Evolving Threat Landscape
 
In the Line of Fire - The Morphology of Cyber-Attacks
In the Line of Fire - The Morphology of Cyber-AttacksIn the Line of Fire - The Morphology of Cyber-Attacks
In the Line of Fire - The Morphology of Cyber-Attacks
 
Survival in an Evolving Threat Landscape
Survival in an Evolving Threat LandscapeSurvival in an Evolving Threat Landscape
Survival in an Evolving Threat Landscape
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber Attacks
 

Kürzlich hochgeladen

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 

Kürzlich hochgeladen (20)

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 

Attackers Vs. Defenders: Restoring the Equilibrium

  • 1. Attackers Vs. Defenders: Restoring the Equilibrium Ron Meyran Director of Security Marketing January 2013
  • 2. AGENDA Cyber security Statistics About 2012 Global Security Report Key Findings ERT Case Studies 2013 Recommendations
  • 3. Cyber Security Study • A research study by Ponemon & Radware • Surveyed 700 IT & IT Security Practitioners • Non Radware customers • Release date: November 12th 2012
  • 4. Cyber Security Business Priorities: Ranking of cyber security objectives in terms of a business priority objective (5 = Highest Priority to 1 = Lowest Priority) • Interoperability 1.9 • Confidentiality 2.8 • Integrity 3.5 • Compliance 4.4 • Availability 4.7
  • 5. DDoS Attacks Frequency: How many DDoS attacks experienced in the past 12 months? • 65% of organizations had an average of 3 DDoS attacks in the past 12 months
  • 6. Average downtime during one DDoS attack • 54 minutes average downtime during one DDoS attack • [Bar chart: share of respondents by downtime per attack, from less than 1 minute through 3 to 5 hours, plus "cannot determine"]
  • 7. Cost of Downtime • $22,000 average cost per minute of downtime • $3,000,000 average annual cost of DDoS attacks • [Bar chart: share of respondents by cost per minute of downtime]
  • 8. AGENDA Cyber security Statistics About 2012 Global Security Report Key Findings ERT Case Studies 2013 Recommendations
  • 9. Information Resources • Radware Security Survey – External survey – 179 participants – 95.5% are not using Radware DoS mitigation solution • ERT Survey – Internal survey – Unique visibility into attacks behaviour – 95 selected cases • Customer identity remains undisclosed • ERT gets to see attacks in real-time on daily basis
  • 10. AGENDA Cyber security Statistics About 2012 Global Security Report Key Findings ERT Case Studies 2013 Recommendations
  • 11. Organizations Bring a Knife to a Gunfight • “Someone who brings a knife to a gun fight” – Is someone who does prepare himself for the fight, but does not understand its true nature • Organizations today are like that – They do invest before the attack starts, and conduct excellent forensics after it is over, – however, they have one critical blind-spot – they don't have the capabilities or resources to sustain a long, complicated attack campaign. • Attackers target this blind spot!
  • 12. Attacked in 2012 • They had the budget • They made the investment • And yet they went offline
  • 13. Organizations Deploy Two-phase Security Approach • Industry Security Survey: How much did your organization invest in each of the following security aspects in the last year? • [Bar chart: investment in procedures, human skills and equipment before, during and after an attack] • Only 21% of company efforts are invested during the attack itself, while 79% is spent during the pre-attack and post-attack phase.
  • 14. But attacks today have 3 phases
  • 15. Attacks last longer • [Chart: attack duration (1-2 days, half a week, 1 week), 2011 vs. 2012] • Attacks last longer: The number of DoS attacks lasting over a week had doubled in 2012
  • 16. And become more complex • ERT Cases – Attack Vectors • [Bar chart: share of attacks by complexity level (5-6, 7-8, 9-10), 2011 vs. 2012] • Attacks are more complex: 2012 DoS/DDoS attacks have become more sophisticated, using more complex attack vectors. Note the number of attacks using a complexity level of 7-10.
  • 17. Content Delivery Network (CDN) • Do you consider Content Delivery Networks (CDNs) a solution for a DoS/DDoS attack? • Yes 70% • No 30% • 70% of the companies who use CDN believe the CDN is a solution for DoS/DDoS attacks.
  • 18. Attacks Evade CDN service • In recent cyber attacks the CDN was easily bypassed – By changing the page request in every Web transaction • These random request techniques force CDNs to “raise the curtain” – All the attack traffic is disembarked directly to the customer premises – More complex to mitigate attacks masked by CDN • [Diagram labels: Legitimate users, GET www.exmaple.com; Botnet, GET www.exmaple.com/?[Random]; CDN service; Internet; Backend Webserver; "Legitimate requests are refused"]
  • 19. Attackers are well prepared • By definition the defenders lose the battle • Equilibrium has been disrupted
  • 20. The good news (1) • Industry Security Survey: How likely is it that your organization will be attacked by cyber warfare? • [Pie chart: Possible 37%; Unlikely 45%; Very likely, Likely: 10%, 8%] • Organizations start understanding the risk of DDoS • Over half of the organizations believe their organization is likely to be attacked by cyber warfare.
  • 21. The good news (2) • Industry Security Survey: Which solutions do you use against DoS attacks? • [Bar chart: solutions used against DoS attacks, 2011 vs. 2012] • Organizations start understanding Firewall and IPS cannot fight DDoS attacks
  • 22. Conclusions • Today’s attacks are different – Carefully planned – Last days or weeks – Switching between attack vectors • Organizations are ready to fight yesterday’s attacks – Deploy security solutions that can absorb the first strike – But when attacks prolong - they have very limited gunfire – By the time they succeed blocking the first two attack vectors, attackers switch to a third, more powerful one
  • 23. A different approach is needed • A team of security experts – Acquire capabilities to sustain long attacks – Train a team that is ready to respond to persistent attacks – Deploy the most up-to-date methodologies and tools – 24 x 7 availability to respond to attacks – Deploy counterattack techniques to cripple an attack
  • 24. AGENDA Cyber security Statistics About 2012 Global Security Report Key Findings ERT Case Studies 2013 Recommendations
  • 25. US Banks Under Attack: from the news
  • 26. US Banks Under Attack: Operation Ababil • Publication of the ‘Innocence of Muslims’ film on YouTube invokes demonstrations throughout the Muslim world • September 18th - ‘Cyber Fighters of Izz ad-din Al Qassam’ announced an upcoming cyber attack campaign against ‘American and Zionist’ targets.
  • 27. Attack Summary • Attack targets – Bank of America – New York Stock Exchange (NYSE) – Chase – Wells Fargo • Attacks lasted Sep 18-21, 2012 • Multiple attack waves on each target, each wave lasted 4 to 9 hours • Victims suffered from temporary outages and network slowness • ERT was actively involved in protecting the attacked organizations
  • 28. Why it was so challenging? • Multi-vulnerability attack campaign • Mitigation nearly impossible • Attackers look for the blind spot • [Diagram: attack vectors aimed at the business: UDP Garbage flood on ports 80 and 443; Large volume SYN flood; SSL Client Hello flood; HTTP flood attack]
  • 29. Recent updates • HTTP flood was carried from compromised hosting servers – Highly distributed attacks
  • 30. AGENDA Cyber security Statistics About 2012 Global Security Report Key Findings ERT Case Studies 2013 Recommendations
  • 31. ERT recommendations for 2013 • Acquire capabilities to sustain a long sophisticated cyber attack • Attack tools are known. Test yourself • Carefully plan the position of DoS/DDoS mitigation within network architecture – On premise capabilities – In the cloud capabilities
  • 32. Thank You Ron Meyran ronm@radware.com

Editor's notes

  1. I would like to share with you the results of a very interesting survey that we did last month. The research was conducted by Ponemon and included 700 IT & IT security staff that are not Radware customers. The survey is going to be released next week and today we can have a first look into some of its highlights.
  2. Availability is the top business priority for organizations today… that has been changed over the last couple of years.
  3. We didn’t do this survey in the past, but we know that 2 years ago we had to explain the threat more. Today it’s changed.
  4. What happens after the Backend server crashes depends on the type of CDN service provided, two options here: 1. Static content still provided by CDN, dynamic content unavailable. 2. Service is not provided at all when backend server is not responsive.
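
Slide 18 describes requests of the form `/?[Random]` that miss the CDN cache on every transaction and land on the backend. The sketch below is an added example, not part of the original deck or of any Radware product: it shows how keying the cache on an allowlist of query parameters collapses those requests to one cache entry, and how origin-side logs reveal the clients sending them. The parameter allowlist, the thresholds and the log records are constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl, urlencode

# Assumption: the application only ever reads these query parameters.
ALLOWED_PARAMS = {"page", "lang"}


def cache_key(target, allowed=ALLOWED_PARAMS):
    """Canonical cache key: path plus allowlisted parameters, sorted."""
    parts = urlsplit(target)
    kept = sorted(
        (k, v)
        for k, v in parse_qsl(parts.query, keep_blank_values=True)
        if k in allowed
    )
    query = urlencode(kept)
    return parts.path + ("?" + query if query else "")


def origin_fetches(records, keyfn):
    """Requests that reach the backend: the first request for each cache key."""
    return len({keyfn(target) for _, target in records})


def flag_cache_busters(records, min_requests=5, min_unique_ratio=0.9):
    """Flag (client, key) pairs whose raw URLs are nearly all unique although
    they resolve to the same canonical resource."""
    raw = defaultdict(set)    # (client, key) -> distinct raw request targets
    count = defaultdict(int)  # (client, key) -> number of requests
    for client, target in records:
        pair = (client, cache_key(target))
        raw[pair].add(target)
        count[pair] += 1
    return sorted(
        pair
        for pair, n in count.items()
        if n >= min_requests and len(raw[pair]) / n >= min_unique_ratio
    )


# Constructed sample records: (client address, request target).
SAMPLE = (
    # One bot requesting "/" with a fresh random query string each time.
    [("203.0.113.7", "/?%08x" % n)
     for n in (0x1A2B, 0x9F01, 0x77C3, 0x0E5D, 0xB410, 0x6AA9)]
    # A reader paging through a listing: unique URLs, but distinct resources.
    + [("198.51.100.20", "/news?page=%d" % p) for p in range(1, 7)]
    # A user reloading the home page: repeated URL, served from cache.
    + [("198.51.100.21", "/")] * 6
)

if __name__ == "__main__":
    print("origin fetches, raw URL as key:  ", origin_fetches(SAMPLE, lambda t: t))
    print("origin fetches, canonical key:   ", origin_fetches(SAMPLE, cache_key))
    print("flagged:", flag_cache_busters(SAMPLE))
```

The per-client threshold will not catch a highly distributed source set in which each host sends only a few requests; aggregating the same unique-URL ratio per cache key across all clients covers that case.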