I am a big believer in empirical evidence and I’d like to share a recent hunting experience I had on an engineering shadow system (a system deployed at a customer site, but used for engineering field test). In my recent blog post, ‘Investigation at […]
Author: Darren Anstee
Kevin Whalen hit the nail on the head in his recent post ‘The destructive power of bad investigations’ with his comments regarding why investigations fail, and why workflow is so important. It is common knowledge that many security teams are underwater dealing with large numbers […]
‘Pay up or we’ll take your Web site down’, so goes the adage that usually accompanies ransom-based cyber-attacks. At the top of the news feed on a regular basis, we witness well-known names such as Feedly and Evernote falling victim to extortion-based DDoS attacks. But […]
DDoS attacks are larger than ever. Our 9th annual Worldwide Infrastructure Security Report illustrates this point very clearly with the largest reported DDoS attack in 2013 clocking in at 309 Gbps. ATLAS data corroborates the report, with 8x the number of attacks over 20Gb/sec monitored in 2013 (as compared to 2012). And, 2014 is already shaping up to be a big year for attacks with a widely reported NTP reflection attack of 300Gbps+, and multiple attacks over 100Gbps, in early February.
It’s that time again – our quarterly data pull from ATLAS to glean new insight into DDoS attack trends and how they stack up for the year to date.
Here, I’m sharing a few of the more interesting findings from my own perspective.
**Updated on 4/26 with infographic**
Q1 2013 saw the previous record for the largest reported DDoS attack, around 100Gbps, shattered by the 300Gb/sec DNS reflection / amplification attack which targeted Spamhaus. Attackers have had the technical capability to generate attacks of this magnitude for some time, and now this has been demonstrated. The attack vector used in this case was not new; DNS reflection / amplification has been used to generate several of the largest attacks seen on the Internet in recent years. DNS reflection / amplification attacks are actually relatively common, but usually at much lower traffic levels.
Security threats are constantly evolving and for most organizations keeping track of the ever-changing threat landscape is an ongoing challenge. However, this is becoming increasingly important for Internet data center operators as they are increasingly being targeted by all kinds of cyber-threats, with one of the most significant being DDoS (Distributed Denial of Service) attacks.
DDoS attacks have grown in size, complexity and frequency over the past decade and many organizations are now being targeted. It’s not just high-profile, politically-connected organizations that are at risk. Any enterprise which uses the Internet to sell products, offer services or to access cloud based data and applications – which applies to almost any sector and size of business – can become a target, because of who they are, what business they do, who they partner with or for any other real or perceived affiliation. The range of motivations behind DDoS attacks has broadened considerably – ideological hacktivism, extortion, disguise of other cyber-crime, vandalism, competitive weapon etc., – and a broader range of motivations means increased risk to many businesses.