Sophisticated and persistent targeted network attacks have challenged today’s enterprise security teams, and searching for the root cause of the attack often feels like looking for a needle in a haystack.
Monitoring network traffic remains a crucial component of an enterprise’s security strategy, but gaining context into the massive amounts of data collected from your network, in a timely fashion, is still a hurdle for many enterprise security teams. Incident responders are ultimately looking for ways to definitively identify threats so they can assess the risk of infection and take the necessary steps to remediate.
Today’s big data capabilities are being harnessed to address this challenge. Arbor Networks invites you to attend a webinar hosted by Scott Crane, founder of Packetloop, recently acquired by Arbor Networks. Scott will discuss today’s network forensic analysis tools that enable security teams to flag suspicious activity faster, focusing on the critical few, and identify the threats within their network environment before they impact business.
Attend this webcast to learn:
• The advantages of using big data and security analytics to detect incoming or planted threats and prepare for incident response
• Ways to deploy security analytics tools that work best with your current infrastructure and optimize your security team’s time
• How to use security analytics to store data for reconstructing attack timelines, extent and impact
As we’ve just put the finishing touches on the 9th annual Worldwide Infrastructure Report (WISR), we invited the three authors to share their thoughts on what key findings were most intriguing and/or surprising this year.
If you’d like to review the full report, feel free to download it here. You can also download infographics and select charts from this year’s report on our Pinterest page or download the presentation of key findings at Slideshare.
For a deeper dive into the key findings, join today’s webinar at 1pm ET.
No matter how much the threats — and attackers — have changed, security still all comes down to traffic: seeing it, studying it, understanding it, and ultimately leveraging that understanding to deliver powerful analytics that allow defenders to protect their infrastructure and assets in new, transformative ways.
According to our 8th annual Worldwide Infrastructure Security Report (WISR), 33 percent of mobile network operators (MNOs) experienced a customer-visible outage due to a security incident, up from nearly 13 percent the previous year. Making matters even worse, 57 percent of MNOs do not know what proportion of subscriber devices on their networks are participating in malicious activity and 60 percent have no visibility into traffic traversing their packet cores. We are expecting this number to rise with the results of this year’s Worldwide Infrastructure Security Report, as it appears to be an unfortunate trend on the upswing.
The risk to these operators is clear: unseen threats cannot be prevented or contained.
An enterprise relies on its IT infrastructure for nearly every internal and customer-facing function. Everything from informing prospects, to training staff, to processing multimillion-dollar transactions is dependent on your stakeholders’ ability to access your website and your internal systems and applications. Securing those networks from Distributed Denial of Service (DDoS) attacks and other cyber threats should be a key component of operating your business.
Just a few weeks ago, we released quarterly findings on how the DDoS threat landscape is trending as we close out Q3 2013 and head into the final quarter of the year. One of the most notable stats from that data – which was pulled from our ATLAS system and analyzed by our security experts in ASERT – was that the size of attacks is once again accelerating.
It’s that time again – our quarterly data pull from ATLAS to glean new insight into DDoS attack trends and how they stack up for the year to date.
You can dig into all the data yourself if you download the presentation on Slideshare, or read a full summary in our press release.
Here, I’m sharing a few of the more interesting findings from my own perspective.
DDoS attacks continue to be a growing problem, and one that has evolved into something much more complex and harder to ward off. Not only are large, volumetric attacks continuing to cause trouble for network operators and enterprises alike, but increasingly sophisticated attacks that specifically target business-critical applications now have the ability to stop business as usual altogether.
Arbor Networks ATLAS data shows that Sudan dropped off the Internet around 9am ET on September 25. An article from the Associated Press may explain why.
And, according to the most recent ATLAS data, Internet traffic in Sudan returned in the morning on September 26. According to the data below, Internet traffic in Sudan has returned to normal levels.
Note: Times shown in the chart above are in UTC.
In a recent blog post, Dennis Schwarz, an engineer with Arbor’s Security Engineering & Response Team (ASERT), provides a detailed analysis of the Citadel malware for “Man in the Browser” attacks. This is an interesting attack because while the execution occurs locally on a user’s machine, it can have devastating effects on the risk profile of an entire organization.
Let’s look at how the attack manifests.