The Rising Threat of DDoS Attacks
Is Your Business At Risk?
NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 |
Daniel Fluke, Ph.D
NetStandard Inc.
What Is A DoS or DDoS Attack?
A Denial of Service (DoS) or Distributed Denial of Service (DDoS) attack is an
attempt by a malicious party to make a machine or network resource (like a
website) unavailable to its intended users (your customers).
Targets:
• Financial Institutions
• Small/Midsized Businesses
• Retail
DoS or DDoS: What’s the Difference?
DoS – Denial of Service
A Denial of Service attack is an
attempt by a single machine to
prevent others from utilizing
your website resources.
DDoS – Distributed Denial of
Service
A Distributed Denial of Service
attack is an attempt by
multiple machines to prevent
others from utilizing your
website resources.
Types of DDoS Attacks
There are multiple types of attacks that can effectively make your systems
inaccessible or unresponsive to users.
Three general types of attacks:
1. Volume-Based Attacks
2. Protocol Attacks
3. Application Layer Attacks
Volume-Based Attacks
Goal: To saturate the bandwidth of the attacked site. The magnitude of this type of
attack is typically measured in bits per second.
Attack Includes:
• UDP Floods
• ICMP Floods
• Spoofed Packet Floods
Protocol Attacks
Goal: To consume the resources of either the servers or the intermediate
communication equipment, such as routers, load balancers and/or firewalls. Protocol
attacks are usually measured in packets per second.
Attack Includes:
• SYN Floods
• Fragmented Packet Attacks
• The Ping of Death
• Smurf DDoS
Application Layer Attacks
Goal: To crash web servers. Arguably the most dangerous form of DDoS attack, these
attacks are often comprised of seemingly legitimate and innocent requests.
Application layer attacks are often measured in requests per second.
Attack Includes:
• Slowloris
• Zero-day DDoS attacks
• DDoS attacks on Apache, Windows or OpenBSD vulnerabilities
In Q1 of 2013, the Prolexic Global DDoS Attack Report gives the following breakdown
of the types of attacks being carried out:
• SYN Flood – Spoofed SYN packets fill the connection tables of your servers
• ICMP Flood – ICMP packets overload servers and inbound bandwidth
• Non-Service Port Flood – TCP/UDP packets overload servers and inbound bandwidth on ports not being used for services (e.g., Port 81)
• Service Port Flood – Packets overload servers and inbound bandwidth on ports being used for services (e.g., Port 80)
• Fragmented Flood – Fragmented packets are sent to servers, causing them to overload as they process those packets
• HTTP GET Flood – HTTP GET requests flood servers and incoming bandwidth on in-use service ports, mimicking valid traffic
How Is An Attack Launched?
• In order to launch a DDoS attack, attackers need between several hundred and
several thousand compromised hosts.
Hosts are usually Linux and SUN computers, but tools can be ported to
other platforms
• Compromising a host and installing tools is automated. The process can be divided
into four steps:
1. Attackers initiate scan phase
2. Identified vulnerable hosts are compromised
3. Tools installed on each host
4. Compromised hosts are used for further scanning and compromising
How Is An Attack Controlled?
Using a command and control system, attackers
create subordinate systems that can control the
attacking machines.
• Attackers can compromise and install tools on a
single host in under 5 seconds
• Several thousand hosts can be compromised in
less than an hour
• Large attacks may have multiple subordinate
control systems and thousands of Bots
• Commands can be passed on to initiate and
control attacking machines
The Origins of Attacks
Top 10 Attack Source Countries:
*Prolexic Global DDoS Attack Report, Q1 2013
What Motivates Attackers?
• Revenge against a company’s policies or
practices
• Revenge against a company for something
posted on social media
• Eliciting ransom money to stop the attack
• Ransoming bandwidth and availability
• Because they can
Are You A Target?
EVERY BUSINESS IS A TARGET.
Some, however, are more popular targets than others:
• Banks and financial institutions
• Consumer goods retailers
• Manufacturers
• Companies in the news
• Companies engaging in political, cultural or social hot-button issues, whether through comments in social media or day-to-day practices.
Know When You’re Under Attack
Key signs your business is under attack:
• Abnormally high or unexpected loads on websites
• “Service Unavailable” messages
• Abnormalities or unusual activity in website statistics
• Suspicious activity in log files
• Abnormally high bandwidth utilization
If your company is in the cloud, you could be affected when another company hosted by
your provider is attacked. Selecting a provider with plenty of additional bandwidth can
help absorb the bandwidth demands of an attack and mitigate the impact to your business.
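One way to check a web access log for the key signs listed above (abnormal load, "Service Unavailable" responses, suspicious log activity), as an added example that is not part of the original slides. It assumes a Common Log Format access log; the function names, thresholds and the sample log (documentation IP ranges) are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from statistics import median

# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ \S+[^"]*" (?P<status>\d{3}) \S+'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse(lines):
    """Yield (timestamp, client_ip, status) for each well-formed log line."""
    for line in lines:
        m = CLF.match(line)
        if m is None:
            continue  # skip malformed lines instead of aborting the scan
        yield datetime.strptime(m["ts"], TS_FMT), m["ip"], int(m["status"])


def find_suspect_windows(lines, window_s=10, rate_factor=5.0,
                         min_requests=20, max_503_ratio=0.2, min_503=5):
    """Return windows showing abnormal load and/or a burst of 503 responses.

    The baseline is the median request count per window, so it is only
    meaningful when most of the log covers normal traffic.
    """
    buckets = defaultdict(list)
    for ts, ip, status in parse(lines):
        start = int(ts.timestamp()) // window_s * window_s
        buckets[start].append((ip, status))
    if not buckets:
        return []

    baseline = median(len(hits) for hits in buckets.values())
    suspects = []
    for start in sorted(buckets):
        hits = buckets[start]
        total = len(hits)
        errors = sum(1 for _, status in hits if status == 503)
        reasons = []
        if total >= min_requests and total >= rate_factor * baseline:
            reasons.append("load")  # abnormally high request rate
        if errors >= min_503 and errors / total >= max_503_ratio:
            reasons.append("503")   # burst of "Service Unavailable"
        if reasons:
            suspects.append({
                "start": datetime.fromtimestamp(start, tz=timezone.utc),
                "requests": total,
                "req_per_s": total / window_s,
                # one source points to DoS, many sources point to DDoS
                "sources": len({ip for ip, _ in hits}),
                "ratio_503": round(errors / total, 2),
                "reasons": reasons,
            })
    return suspects


def build_sample_log():
    """Constructed sample: six quiet 10 s windows, then one flooded window."""
    t0 = datetime(2013, 4, 1, 12, 0, 0, tzinfo=timezone.utc)
    fmt = '{ip} - - [{ts}] "GET / HTTP/1.1" {status} 512'
    lines = []
    for w in range(6):          # normal traffic: 3 requests per window
        for j in range(3):
            ts = t0 + timedelta(seconds=w * 10 + j)
            lines.append(fmt.format(ip=f"198.51.100.{j + 1}",
                                    ts=ts.strftime(TS_FMT), status=200))
    for k in range(60):         # flood: 60 requests from 60 sources
        ts = t0 + timedelta(seconds=60 + k % 10)
        lines.append(fmt.format(ip=f"203.0.113.{k + 1}",
                                ts=ts.strftime(TS_FMT),
                                status=503 if k >= 40 else 200))
    lines.append("not an access-log line")  # malformed input is ignored
    return lines


if __name__ == "__main__":
    for window in find_suspect_windows(build_sample_log()):
        print(window)
```

The thresholds need tuning against your own baseline traffic; a legitimate traffic spike (a marketing campaign, a news mention) trips the same "load" check.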
Prepare Before An Attack
Create a plan before an attack:
• Know Your Vulnerabilities – What is happening internally that might make attackers aware of your presence?
• Increase Resiliency and Availability – Implement industry best practices for network infrastructure, applications, critical support services and DNS.
• Secure Potential Bottlenecks – Ensure systems are configured correctly.
• Watch Your Systems and Network – Use automated tools to monitor and alert on suspicious activity.
• Small Attacks Happen, Too – Nearly 50% of attacks are less than 5GB, and 25% are 1GB or less.
• Beware of Application Attacks – These are much harder to recognize than network layer attacks.
Prepare Before An Attack
Create a plan before an attack, cont.:
• Beware Blended Attacks – Attackers are increasingly combining network and application layer attacks.
• Look for Suspicious Activity – Be aware of the possibilities of suspicious activity, like social engineering, during an attack. Sometimes DDoS is used as a distraction.
• Make Friends Upstream – Your ISP can help identify and mitigate attacks. Work with them to implement various strategies that can help before an attack and after.
• Sign Up For DoS/DDoS Mitigation Services – Consider signing up for a DoS/DDoS mitigation service, like those provided by AT&T, Verisign, Arbor Networks and Prolexic.
What If I’m Attacked?
Your response to an attack depends on the type of attack being waged. Initial steps should include:
• Block the attack with packet filters on your routers. If possible, do this at the border of your network or through your ISP.
• Null route, or blackhole, the IP address being attacked on your border routers or on your ISP’s border routers. This will effectively shut down the service attached to that IP address, but it could keep other systems online and available.
• Use Anycast and Multicast Source Discovery Protocol (MSDP) if your company has websites co-hosted at several locations.
DDoS In The News
Independent Newspapers – Received attack following the publishing of an article
in support of Zimbabwean President Robert Mugabe.
The Spamhaus Project – Spam crusaders have been battling massive DDoS attacks
that have reportedly resulted in a slowdown of the entire Web.
Attacks on U.S. Banks – An Islamic group launched a third wave of high-powered
DDoS attacks against U.S. banks in March 2013 and is reportedly targeting other
financial institutions.
Questions?
Contact us!

More Related Content

Recently uploaded

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Recently uploaded (20)

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Featured

Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Applitools
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at WorkGetSmarter
 

Featured (20)

Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work
 

The Rising Threat of DDoS Attacks: Is Your Business at Risk?

  • 1. The Rising Threat of DDoS Attacks Is Your Business At Risk? NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Daniel Fluke, Ph.D NetStandard Inc.
  • 2. What Is A DoS or DDoS Attack? A Denial of Service (DoS) or Distributed Denial of Service (DDoS) attack is an attempt by a malicious party to make a machine or network resource (like a website) unavailable to its intended users (your customers). Targets: • Financial Institutions • Small/Midsized Businesses • Retail NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 |
  • 3. DoS or DDoS: What’s the Difference? DoS – Denial of Service A Denial of Service attack is an attempt by a single machine to prevent others from utilizing your website resources. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 |
  • 4. DoS or DDoS: What’s the Difference? NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | DDoS – Distributed Denial of Service A Distributed Denial of Service attack is an attempt by multiple machines to prevent others from utilizing your website resources.
  • 5. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Types of DDoS Attacks There are multiple types of attacks that can effectively make your systems inaccessible or unresponsive to users. Three general types of attacks: 1. Volume-Based Attacks 2. Protocol Attacks 3. Application Layer Attacks
  • 6. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Types of DDoS Attacks Volume-Based Attacks Goal: To saturate the bandwidth of the attacked site. The magnitude of this type of attack is typically measured in bits per second. Attack Includes: • UDP Floods • ICMP Floods • Spoofed Packet Floods
  • 7. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Types of DDoS Attacks Protocol Attacks Goal: To consume the resources of either the servers or the intermediate communication equipment, such as routers, load balancers and/or firewalls. Protocol attacks are usually measured in packets per second. Attack Includes: • SYN Floods • Fragmented Packet Attacks • The Ping of Death • Smurf DDoS
  • 8. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Types of DDoS Attacks Application Layer Attacks Goal: To crash web servers. Arguably the most dangerous form of DDoS attack, these attacks are often comprised of seemingly legitimate and innocent requests. Application layer attacks are often measured in requests per second. Attack Includes: • Slowloris • Zero-day DDoS attacks • DDoS attacks on Apache, Windows or OpenBSD vulnerabilities
  • 9. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Types of DDoS Attacks In Q1 of 2013, the Prolexic Global DDoS Attack Report gives the following breakdown of the types of attacks being carried out:
  • 10. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | Types of DDoS Attacks In Q1 of 2013, the Prolexic Global DDoS Attack Report gives the following breakdown of the types of attacks being carried out: • Syn Flood – Spoofed Syn packets fill the connection tables of your servers • ICMP Flood – ICMP packets overload servers and inbound bandwidth • Non-Service Port Flood – TCP/UDP packets overload servers and inbound bandwidth on ports not being used for services (i.e., Port 81) • Service Port Flood – Packets overload servers and inbound bandwidth on ports being used for services (i.e., Port 80) • Fragmented Flood – Fragmented packets are sent to servers, causing them to overload as they process those packets • HTTP Get Flood – HTTP Get requests flood servers and incoming bandwidth on in-use service ports, mimicking valid traffic
  • 11. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | How Is An Attack Launched? • In order to launch a DDoS attack, attackers need between several hundred and several thousand compromised hosts. Hosts are usually Linux and SUN computers, but tools can be ported to other platforms • Compromising a host and installing tools is automated. The process can be divided into four steps: 1. Attackers initiate scan phase 2. Identified vulnerable hosts are compromised 3. Tools installed on each host 4. Compromised hosts are used for further scanning and compromising
  • 12. NetStandard.com | 2000 Merriam Lane | Kansas City, KS 66106 | How Is An Attack Controlled? Using a command and control system, attackers create subordinate systems that can control the attacking machines. • Attackers can compromise and install tools on a single host in under 5 seconds • Several thousand hosts can be compromised in less than an hour • Large attacks may have multiple subordinate control systems and thousands of Bots • Commands can be passed on to initiate and control attacking machines
  • 13. The Origins of Attacks
      Top 10 Attack Source Countries: *Prolexic Global DDoS Attack Report, Q1 2013
  • 14. What Motivates Attackers?
      • Revenge against a company’s policies or practices
      • Revenge against a company for something posted on social media
      • Eliciting ransom money to stop the attack
      • Ransoming bandwidth and availability
      • Because they can
  • 15. Are You A Target?
      EVERY BUSINESS IS A TARGET. Some, however, are more popular targets than others:
      • Banks and financial institutions
      • Consumer goods retailers
      • Manufacturers
      • Companies in the news
      • Companies engaging in political, cultural or social hot-button issues, whether through comments in social media or day-to-day practices
  • 16. Know When You’re Under Attack
      Key signs your business is under attack:
      • Abnormally high or unexpected loads on websites
      • “Service Unavailable” messages
      • Abnormalities or unusual activity in website statistics
      • Suspicious activity in log files
      • Abnormally high bandwidth utilization
      If your company is in the cloud, you could be affected when another company hosted by your provider is attacked. Selecting a provider with plenty of additional bandwidth can help absorb the bandwidth demands and mitigate the impact to your business.
  • 17. Prepare Before An Attack
      Create a plan before an attack:
      • Know Your Vulnerabilities – What is happening internally that might make attackers aware of your presence?
      • Increase Resiliency and Availability – Implement industry best practices for network infrastructure, applications, critical support services and DNS.
      • Secure Potential Bottlenecks – Ensure systems are configured correctly.
      • Watch Your Systems and Network – Use automated tools to monitor and alert on suspicious activity.
      • Small Attacks Happen, Too – Nearly 50% of attacks are less than 5GB, and 25% are 1GB or less.
      • Beware of Application Attacks – These are much harder to recognize than network layer attacks.
  • 18. Prepare Before An Attack
      Create a plan before an attack, cont.:
      • Beware Blended Attacks – Attackers are increasingly combining network and application layer attacks.
      • Look for Suspicious Activity – Be aware of the possibilities of suspicious activity, like social engineering, during an attack. Sometimes DDoS is used as a distraction.
      • Make Friends Upstream – Your ISP can help identify and mitigate attacks. Work with them to implement various strategies that can help before an attack and after.
      • Sign Up For DoS/DDoS Mitigation Services – Consider signing up for a DoS/DDoS mitigation service, like those provided by AT&T, Verisign, Arbor Networks and Prolexic.
  • 19. What If I’m Attacked?
      Your response to an attack is dependent upon what type of attack is being waged. Initial steps should include:
      • Block the attack with packet filters on your routers. If possible, do this at the border of your network or through your ISP.
      • Null route, or blackhole, the IP address being attacked on your border routers or on your ISP’s border routers. This will effectively shut down the service attached to that IP address, but it could keep other systems online and available.
      • Use Anycast and Multicast Source Discovery Protocol (MSDP) if your company has websites co-hosted at several locations.
  • 20. DDoS In The News
      • Independent Newspapers – Received attack following the publishing of an article in support of Zimbabwean President Robert Mugabe.
      • The Spamhaus Project – Spam crusaders have been battling massive DDoS attacks that have reportedly resulted in a slowdown of the entire Web.
      • Attacks on U.S. Banks – An Islamic group launched a third wave of high-powered DDoS attacks against U.S. banks in March 2013 and is reportedly targeting other financial institutions.
  • 21. Questions? Contact us!
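
The warning signs on slide 16 (abnormally high load, “Service Unavailable” messages, suspicious activity in log files) can be checked against a web server access log. The following Python is an added example, not part of the original presentation; the Common Log Format input, the two thresholds and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

# Assumed input: Common Log Format access-log lines (client, time, request, status).
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" (?P<status>\d{3})\b')


def per_minute_stats(lines):
    """Group requests by minute: total hits, 503 responses, distinct clients."""
    buckets = defaultdict(lambda: {"hits": 0, "unavailable": 0, "clients": set()})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the scan
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        b = buckets[ts.replace(second=0)]
        b["hits"] += 1
        b["unavailable"] += m["status"] == "503"  # "Service Unavailable"
        b["clients"].add(m["ip"])
    return dict(buckets)


def flag_minutes(lines, load_factor=5.0, max_503_ratio=0.2):
    """Flag minutes whose load or 503 ratio is abnormal (thresholds are assumptions)."""
    stats = per_minute_stats(lines)
    # Baseline is the median per-minute load, so one burst does not skew it.
    baseline = median([b["hits"] for b in stats.values()] or [0])
    alerts = []
    for minute in sorted(stats):
        b, reasons = stats[minute], []
        if b["hits"] > load_factor * baseline:
            reasons.append("load")
        if b["unavailable"] / b["hits"] > max_503_ratio:
            reasons.append("503")
        if reasons:
            alerts.append((minute.strftime("%H:%M"), b["hits"], len(b["clients"]), reasons))
    return alerts


def sample_log():
    """Constructed sample: five quiet minutes, then a one-minute burst of GETs."""
    fmt = '{ip} - - [10/Mar/2013:13:{m:02d}:{s:02d} +0000] "GET / HTTP/1.1" {st} 512'
    lines = [fmt.format(ip=f"192.0.2.{s % 3 + 1}", m=m, s=s * 10, st=200)
             for m in range(5) for s in range(4)]
    lines += [fmt.format(ip=f"198.51.100.{i % 30 + 1}", m=5, s=i, st=200 if i < 40 else 503)
              for i in range(60)]
    return lines


if __name__ == "__main__":
    print(flag_minutes(sample_log()))
```

Each alert carries the number of distinct clients because an HTTP GET flood spread over many sources keeps every per-client count low; the aggregate load and the share of 503 responses are what stand out.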

Editor's Notes

  1. The whole point of a Denial of Service (DoS) attack is to deny your legitimate users access to those resources.
  2. The process of compromising a host and installing the tool is automated. The process can be divided into these steps, in which the attackers:
     • Initiate a scan phase in which a large number of hosts (on the order of 100,000 or more) are probed for a known vulnerability.
     • Compromise the vulnerable hosts to gain access.
     • Install the tool on each host.
     • Use the compromised hosts for further scanning and compromises.
  3. Because an automated process is used, attackers can compromise and install the tool on a single host in under five seconds. In other words, several thousand hosts can be compromised in under an hour. In essence, the attacker, using a command and control system, may create subordinate systems that can control the attacking machines. Very large attacks may have multiple subordinate control systems and hundreds or thousands of Bots that will actually be the originating attacking machines. Commands can be passed along to initiate and control the attacking machines, thus denying access to your resources.
  4. According to the Prolexic Global DDoS Attack Report, Q1 2013: The top 10 Attack Source Countries are
  5. Attackers can be motivated by any number of reasons:
     • Revenge against your company for some policy you may have
     • Revenge against your company for something that your company posted on a social media site
     • Damaging your business to elicit payment from you to stop the attack
     • Attackers may be seeking to ransom your bandwidth and availability, and if you pay them off they will stop the attack.
     • Sometimes it is just BECAUSE THEY CAN!
  6. Just about every type of business can be a target, and likely has been in some fashion over the course of the last 10 years or so. Some of the favorite targets are:
     • Banks and other financial institutions
     • Consumer goods retailers and manufacturers
     • Companies that are in the news
     • Companies that have just made someone or some group mad because of their policies, comments in social media or any number of other reasons
  7. How do you know you are being attacked?
     • Regularly monitor your web site performance. If loads are abnormally high and unexpected, you may be under attack.
     • You may start seeing Service Unavailable messages that might indicate that your services are heavily loaded.
     • Pay attention to your web statistics, reviewing them for anomalies that might indicate unusual activity.
     • Check your log files for suspicious activity.
     • Monitor bandwidth utilization to identify potential attack activity.
  8. Attacks are cheap to launch and expensive to combat!
  9. Attacks are cheap to launch and expensive to combat!
  10. Attacks are cheap to launch and expensive to combat!
  11. Independent Newspapers has confirmed a report that it has come under a cyber attack. The online division, IOL, was offline on Wednesday amid reports that it had sustained a DDoS attack for publishing an article in support of Zimbabwean president Robert Mugabe.
      Distributed denial-of-service (DDoS) attacks that could be related have …. slammed the DNS servers of at least three providers of domain name management and DNS hosting services. DNSimple, easyDNS and TPP Wholesale all reported temporary DNS service outages and degradation on Monday, citing DDoS attacks as the reason.
      Spam crusaders The Spamhaus Project have been battling massive distributed denial of service (DDoS) attacks that have reportedly resulted in a slowdown of the entire Web.
      An Islamic group that launched a third wave of high-powered distributed denial-of-service (DDoS) attacks against U.S. banks in March has started targeting other financial organizations, including credit card companies and financial brokerages, security experts say.