Stock exchanges are constantly targeted by cyber attacks. This presentation discusses several real-life attack case studies, covering attack vectors, motivations, impacts and mitigation techniques.
7. Attack Vector | Confirmed Measurement | Pipe Saturation | FW CPU 100% | Web Server Outage
UDP Flood 44 Mbps X X
HTTP Flood 40K Concurrent Con. X X
Empty Connection Flood 5.2K PPS X X
FIN+ACK 4 Mbps X X
8. “Stock exchange hit by hackers”
“Attack on stock exchange triggers halt in trade”
12. “Stock exchange IT have been working intensively to resolve all issues”
“Experts successfully implemented a protection against the attacks”
“Additional measures were taken such as a redundant New Site”
36. [Attack timeline diagram. Labels: Heads Up, Reconnaissance, Test Fire, Attack Begins; Service Disruption, Service Disruption; Automatic Mitigation, Manual Mitigation, New Attack Vectors, Mitigation Continued; Attack Ends, Forensic]
38. [Timeline diagram. Axis: Time. Labels: Attack Period, “Peace” Period, Attack Period, “Peace” Period; Pre-attack Phase, Post-attack Phase, Pre-attack Phase]
Automatic Mitigation (no time for human interaction)
39. THE SECURITY GAP
Attacker has time to bypass automatic mitigation.
Defenders have no skill/capacity to sustain it.
[Timeline diagram. Labels: “Peace” Period, Attack Period, “Peace” Period; Pre-attack Phase, Post-attack Phase]
40. [Chart. Series: Procedures, Human skills, Equipment. Horizontal axis: Before, During, After. Vertical axis: 0% to 45%]
Radware 2012 Global Application and Network Security Report
41. Be prepared for prolonged attacks!
THE SECURITY GAP
Attacker has time to bypass automatic mitigation.
Defenders have no skill/capacity to sustain it.
[Timeline diagram. Labels: “Peace” Period, Attack Period, “Peace” Period; Pre-attack Phase, Post-attack Phase]
42. Counterattack
RT Intel
Active Mitigation
24x7x365
Trained
Experienced