In 2017, a fivefold increase in DDoS attacks was recorded.
The number of DDoS attacks in the first quarter of 2017 increased fivefold compared to the same period last year. These data are presented in the Nexusguard Inc. report published on June 6.
/ photo Max Pixel CC
Alexander Khalimonenko and Oleg Kupreev from Securelist noted that in the first quarter of 2017, an increase in the number of DDoS attacks was recorded compared to the first quarter of 2016. At the same time, as Nexusguard was told last August, the first half of 2016 was a period of growth in both the number and power of attacks in the world - by 83%.
')
According to the latest reports, the development of cyber threats maintains the vector established in 2016 and continues to grow at the highest rate. The report of Kaspersky Lab DDoS Intelligence Q4 2016 marked a new record for the duration of the attack (292 hours) and a record for the number of attacks in one day (1915 cases on November 5, 2016).
According to Nexusguard, the main trend inherited from the end of 2016 was the fact that large-scale attacks became a common problem for companies. At the same time, the power of an increasing number of cyber attacks exceeds 200 Gbit / s. Increased their complexity. For example, 57% of the DDoS attacks that the Verisign domain name leader managed to cope with in the first quarter of 2017 were combined.
Based on Kaspersky Lab data, Securelist also notes the growing popularity of complex attacks (at the application level, HTTPS). An example is the combined attack (SYN + TCP Connect + HTTP Flood + UDP Flood) on the Moscow Stock Exchange.
The growth of medium-sized attacks has also been recorded, which partly fades against the background of global threats. Ashley Stephenson, CEO of Corero, a manufacturer of server protection devices, said : “Short DDoS attacks may seem harmless because they do not cause long periods of inactivity. But IT teams that choose to ignore them actually open the door to malicious attacks or encrypt viruses, data theft or other more serious intrusions. Like the mythological Trojan horse, these attacks cheat security teams, disguised as an innocent bystander. ”
In its report, Nexusguard points directly to the problem of unprotected IoT networks, the relevance of which has increased over the past few years. The trend concerns a variety of consumer and industrial devices connected to the network without proper security measures.
In recent years, hackers have begun to use more vulnerable devices to create large-scale botnets from thousands and millions of infected devices: routers, Smart-TV, and so on. The vulnerability of IoT devices is also confirmed in the Kaspersky Lab report. One example of parasitism is called the Mirai botnet. The approach used by its creators served as the basis for many other botnets.
Kirill Ilganaev, head of protection against DDoS attacks at Kaspersky Lab, said : “Given the effectiveness of IoT botnets, as well as the growing number of poorly protected IoT devices, we can reasonably predict an increase in the number of such attacks, as well as their power and complexity ".
According to the A10 Networks survey , this year the type of DDoS of Things attacks reached critical mass - in each case, the attacks involve hundreds of thousands of devices connected to the Internet. The fight against this phenomenon is only beginning to unfold - although the suppliers of IoT equipment respond extremely slowly to threats, some progress in the fight against DDoS of Things has already been achieved. Information security journalist Brian Krebs (Brian Krebs) was able to figure out the author of malware IoT Mirai, and in the UK, the attacker on Deutsche Telekom, who built the botnet based on routers, was arrested .
The US Accounts Chamber released the IoT Technology Assessment Report in May, largely focusing on the vulnerability of systems to cyber attacks. Among the main factors accompanying the proliferation of threats are the lack of security control due to the inability to predict potential problems, as well as the use of identical software in various devices, which increases the efficiency of exploiting technical vulnerabilities. In this regard, the management recommends the development of IoT devices with the obligatory possibility of updating, and in an accessible form, and not through a complex process for the user.
At the same time, Tim Murphy from Arbor Networks, which deals with the detection and prevention of DDoS attacks, urges companies not only to rely on firewalls and IPS, as they often become objects of DDoS attacks, but to build a multi-level protection in response to diversification of cyber threats. .
Therefore, in the context of combating IoT vulnerabilities, Quora users propose to consider the possibility of restricting remote access for individual devices, build multi-level authentication for those components that are not possible to isolate, check the compliance of the protection policy with OWASP, and timely carry out software updates, etc.
Against the backdrop of the growth of cyber threats Cybersecurity Ventures Inc. identified another indirect reason for the increase in attacks - the lack of personnel in the field of cyber defense. It is predicted that by 2021 there will be a shortage of 3.5 million specialists in the world. And according to Cisco estimates , about a million experts in the field of information security are already lacking to combat current threats. Ray Rothrock, the executive director of RedSeal, which provides an analytical platform, believes that this information is a “real signal” for millions of companies around the world. It is estimated that the annual damage from cyber attacks by 2021 will reach $ 6 trillion.
Robert Herjavec, founder and executive director of the Herjavec Group, encourages students to get an education in the field of cyber security. In his opinion, zero unemployment is observed in this area. According to a study by the Center for Cybersecurity and Education, about 40% of European companies are going to increase the number of their staff fighting cyber threats by at least 15% next year.
“Although cybersecurity is still relatively young, demand continues to grow and will only increase in the coming years,” concludes Christos Dimitriadis, chairman of the board of ISACA and director of the information security group INTRALOT.
PS Some materials on the topic from our blog:
/ photo Max Pixel CCEstablished trends in recent attacks
Alexander Khalimonenko and Oleg Kupreev from Securelist noted that in the first quarter of 2017, an increase in the number of DDoS attacks was recorded compared to the first quarter of 2016. At the same time, as Nexusguard was told last August, the first half of 2016 was a period of growth in both the number and power of attacks in the world - by 83%.
')
According to the latest reports, the development of cyber threats maintains the vector established in 2016 and continues to grow at the highest rate. The report of Kaspersky Lab DDoS Intelligence Q4 2016 marked a new record for the duration of the attack (292 hours) and a record for the number of attacks in one day (1915 cases on November 5, 2016).
According to Nexusguard, the main trend inherited from the end of 2016 was the fact that large-scale attacks became a common problem for companies. At the same time, the power of an increasing number of cyber attacks exceeds 200 Gbit / s. Increased their complexity. For example, 57% of the DDoS attacks that the Verisign domain name leader managed to cope with in the first quarter of 2017 were combined.
Based on Kaspersky Lab data, Securelist also notes the growing popularity of complex attacks (at the application level, HTTPS). An example is the combined attack (SYN + TCP Connect + HTTP Flood + UDP Flood) on the Moscow Stock Exchange.
The growth of medium-sized attacks has also been recorded, which partly fades against the background of global threats. Ashley Stephenson, CEO of Corero, a manufacturer of server protection devices, said : “Short DDoS attacks may seem harmless because they do not cause long periods of inactivity. But IT teams that choose to ignore them actually open the door to malicious attacks or encrypt viruses, data theft or other more serious intrusions. Like the mythological Trojan horse, these attacks cheat security teams, disguised as an innocent bystander. ”
The growing vulnerability of the Internet of things
In its report, Nexusguard points directly to the problem of unprotected IoT networks, the relevance of which has increased over the past few years. The trend concerns a variety of consumer and industrial devices connected to the network without proper security measures.
In recent years, hackers have begun to use more vulnerable devices to create large-scale botnets from thousands and millions of infected devices: routers, Smart-TV, and so on. The vulnerability of IoT devices is also confirmed in the Kaspersky Lab report. One example of parasitism is called the Mirai botnet. The approach used by its creators served as the basis for many other botnets.
Kirill Ilganaev, head of protection against DDoS attacks at Kaspersky Lab, said : “Given the effectiveness of IoT botnets, as well as the growing number of poorly protected IoT devices, we can reasonably predict an increase in the number of such attacks, as well as their power and complexity ".
According to the A10 Networks survey , this year the type of DDoS of Things attacks reached critical mass - in each case, the attacks involve hundreds of thousands of devices connected to the Internet. The fight against this phenomenon is only beginning to unfold - although the suppliers of IoT equipment respond extremely slowly to threats, some progress in the fight against DDoS of Things has already been achieved. Information security journalist Brian Krebs (Brian Krebs) was able to figure out the author of malware IoT Mirai, and in the UK, the attacker on Deutsche Telekom, who built the botnet based on routers, was arrested .
The US Accounts Chamber released the IoT Technology Assessment Report in May, largely focusing on the vulnerability of systems to cyber attacks. Among the main factors accompanying the proliferation of threats are the lack of security control due to the inability to predict potential problems, as well as the use of identical software in various devices, which increases the efficiency of exploiting technical vulnerabilities. In this regard, the management recommends the development of IoT devices with the obligatory possibility of updating, and in an accessible form, and not through a complex process for the user.
At the same time, Tim Murphy from Arbor Networks, which deals with the detection and prevention of DDoS attacks, urges companies not only to rely on firewalls and IPS, as they often become objects of DDoS attacks, but to build a multi-level protection in response to diversification of cyber threats. .
Therefore, in the context of combating IoT vulnerabilities, Quora users propose to consider the possibility of restricting remote access for individual devices, build multi-level authentication for those components that are not possible to isolate, check the compliance of the protection policy with OWASP, and timely carry out software updates, etc.
Lack of personnel
Against the backdrop of the growth of cyber threats Cybersecurity Ventures Inc. identified another indirect reason for the increase in attacks - the lack of personnel in the field of cyber defense. It is predicted that by 2021 there will be a shortage of 3.5 million specialists in the world. And according to Cisco estimates , about a million experts in the field of information security are already lacking to combat current threats. Ray Rothrock, the executive director of RedSeal, which provides an analytical platform, believes that this information is a “real signal” for millions of companies around the world. It is estimated that the annual damage from cyber attacks by 2021 will reach $ 6 trillion.
Robert Herjavec, founder and executive director of the Herjavec Group, encourages students to get an education in the field of cyber security. In his opinion, zero unemployment is observed in this area. According to a study by the Center for Cybersecurity and Education, about 40% of European companies are going to increase the number of their staff fighting cyber threats by at least 15% next year.
“Although cybersecurity is still relatively young, demand continues to grow and will only increase in the coming years,” concludes Christos Dimitriadis, chairman of the board of ISACA and director of the information security group INTRALOT.
PS Some materials on the topic from our blog:
- How to avoid becoming a victim and defend against the coder Trojan WannaCry
- Building Qualified and Secured Infrastructures Based on VMware Solutions
- How to increase the level of cloud infrastructure security
- Business cloud services and DDoS protection
- Processing and protection of personal data: frequently asked questions
- How to protect cloud data center with virtual firewalls Palo Alto Networks VM-Series
Source: https://habr.com/ru/post/330340/
All Articles