Tag Archives: security-risks

Limelight Layer0 Security protects against malicious website attacks

Limelight released Layer0 Security Platform, significantly enhancing its capabilities in the $4.4B web CDN and security market it entered in November. A fully PCI-compliant solution, Layer0 Security protects customers against OWASP Top 10 security risks, SQL injection, cross-site scripting, PHP injection, bot attacks, DDoS attacks, and other threats. Limelight has been delivering secure content for more than two decades and, as the threat landscape becomes increasingly sophisticated, companies need seamless, automated solutions to simplify development, … More ? The post Limelight Layer0 Security protects against malicious website attacks appeared first on Help Net Security .

See original article:
Limelight Layer0 Security protects against malicious website attacks

Many businesses are relying on others to fight DDoS attacks

With large scale cyber attacks constantly hitting the headlines, businesses ought to be aware of the need to protect themselves. But a new study by Kaspersky Lab shows that 40 percent of businesses are unclear on how to protect themselves against targeted attacks and DDoS. Many believe that someone else will protect them and therefore don’t take their own security measures. 40 percent think their ISP will provide protection and 30 percent think data center or infrastructure partners will protect them. Moreover, the survey finds that 30 percent fail to take action because they think they are unlikely to be targeted by DDoS attacks. Surprisingly, 12 percent even admit to thinking that a small amount of downtime due to DDoS would not cause a major issue for the company. The reality of course is that any company can be targeted because such attacks are easy for cybercriminals to launch and the potential cost of a single attack can be millions. “As we’ve seen with the recent attacks, DDoS is extremely disruptive, and on the rise,” says Kirill Ilganaev, head of Kaspersky DDoS protection at Kaspersky Lab. “When hackers launch a DDoS attack, the damage can be devastating for the business that’s being targeted because it disables a company’s online presence. As a result business workflow comes to a halt, mission-critical processes cannot be completed and reputations can be ruined. Online services and IT infrastructure are just too important to leave unguarded. That’s why specialized DDoS protection solution should be considered an essential part of any effective protection strategy in business today”. The findings are based on Kaspersky Lab’s annual Corporate IT Security Risks survey conducted in cooperation with B2B International. In 2016, it surveyd more than 4,000 representatives of small, medium (50 to 999 employees) and large businesses (1000+) from 25 countries to find their views on IT security and the real incidents they had to deal with. Source: http://betanews.com/2017/01/05/business-ddos-rely-others/

Read the article:
Many businesses are relying on others to fight DDoS attacks

Cybercriminals use DDoS as smokescreen for other attacks on business

Distributed Denial of Service (DDoS) attacks are sometimes used by cybercriminals to distract businesses while hackers sneak in through the back door, a survey from Kaspersky Lab and B2B International suggests. Over half of businesses questioned (56%) are confident that DDoS has been used as a smokescreen for other kinds of cybercrime, and of those business respondents, a large majority (87%) reported that they had also been the victim of a targeted attack. The Kaspersky Lab IT Security Risks 2016 study showed that when businesses have suffered from cybercrime, DDoS has often been part of the attack tactics (29%). For example, a worrying quarter (26%) of businesses that have suffered data loss as a result of a targeted attack, named DDoS as one of the contributing vectors. Overall, 56% of business representatives surveyed believed that the DDoS attacks their companies had experienced were a smokescreen or decoy for other criminal activities. Kirill Ilganaev, Head of Kaspersky DDoS Protection, explained why DDoS attacks may appeal to cybercriminals as part of their tactics. He said, “DDoS prevents a company from carrying on its normal activities by putting either public or internal services on hold. This is obviously a real problem to businesses and it is often ‘all hands on deck’ in the IT team, to try and fix the problem quickly, so the business can carry on as before. DDoS can therefore be used not only as an easy way to stop the activity of a company, but also as a decoy to distract IT staff from another intrusion taking place through other channels.” The study found that when DDoS attacks have been used by cybercriminals as a smokescreen, businesses also faced threats such as losses and exploits through mobile devices (81%), the actions of other organizations (78%), phishing scams (75%) and even the malicious activity of internal staff (75%). The majority (87%) were also victims of targeted attacks. Ilganaev continued, “The research shows us that DDoS attacks are often aligned with other threats. Businesses therefore need to be aware of the full threat landscape, and prepared to deal with multiple types of criminal activity at any one time. Failure to do this could increase the collateral damage, on top of already significant losses caused by downtime and the resulting impact on reputation. Businesses need to use a reliable DDoS protection service to reduce the risk of DDoS and help staff concentrate their efforts on protecting the business from any threats that can be hidden as a result.” Source: http://www.networksasia.net/article/cybercriminals-use-ddos-smokescreen-other-attacks-business.1480989900

See original article:
Cybercriminals use DDoS as smokescreen for other attacks on business

Chinese Firm Defends Webcam Security After DDoS Attacks

Hangzhou Xiongmai Technology says devices sold in the US before April 2015 will be recalled after attack on Dyn servers. China’s Hangzhou Xiongmai Technology, which has issued a recall for thousands of webcams sold in the US that were used in a massive distributed denial of service (DDoS) attack on the servers of US-based internet company Dyn, said the hacks occurred because customers didn’t change the default password, according to the AP. The attack, which in part came through devices with Xiongmai components, briefly cut access to many sites including Twitter, Netflix, Amazon, and Spotify. Xiongmai’s Liu Yuexin told AP the company did its best to secure the devices. The company, he added, came to know of the weakness in its webcams and digital recorders in April 2015 and had patched the flaws. Vulnerabilities in devices by Xiongmai and video surveillance maker Dahua first came to light after an attack on the website of cybersecurity writer Brian Krebs and has highlighted concerns of security risks from interconnected consumer gadgets. Source: http://www.darkreading.com/attacks-breaches/chinese-firm-defends-webcam-security-after-ddos-attacks/d/d-id/1327298

See more here:
Chinese Firm Defends Webcam Security After DDoS Attacks