In terms of DDoS attacks, 2019 has started with a bang! At the end of January reports surfaced of a massive DDoS attack that generated over 500 million packets per second, which was significantly larger than last year’s GitHub attack, which peaked at 129.6 million packets per second.

The report explores and analyses the risks, costs and damage that would be caused by a coordinated global ransomware attack. The scenario outlined predicts that from the time the attack is launched it would encrypt all data on nearly 30 million devices worldwide. 

Security Analysts within the SecOps, DevOps, Security Operations Centre (SOC), Incident Response and Threat Intel teams are often overloaded with information produced by their cyber security tools. This issue is even more problematic in Firewalls and Intrusion Detection Systems’s (IDS) at carrier scale, leading to ‘Alert Fatigue’ and false positives. 

A network security team can only fight what they can see, an organisation’s network security depends on their ability to rapidly detect and respond to emerging threats across their infrastructure, whether that is Tier 1 Operator, Enterprise or Cloud Provider. However, attack methods and strategies are constantly evolving, making threat detection an always-moving target. A good base to start from is understanding what type of threats may lurking in your network, these threats look very different depending on throughput of network traffic.

A Content Delivery Network or CDN is a system of distributed servers and nodes that delivers web content to a user, based on the geographical location of the user, the origin of the webpage and the content delivery service. The purpose of the CDN is to avoid bottle necks that would occur if every user tried to access content from one central location, the CDN replicates and redirects content so it is available to many users all at once. Ultimately improving user experience across multiple geographical locations (i.e. not just to those users who are physically closest to the server with the original content) and easing pressure on network infrastructure resources.

Rohit Singh, Country Manager – AsiaPAC & India, Telesoft Technologies sat on a panel at the recent 5th Data Centre India 2018 International Conference to moderate a session and discuss all things cyber security and risk in the datacentre. Together with industry experts from Tata Projects, Juniper and Sterling & Wilson, Rohit and the panel discussed how datacentres are the backbone of today’s digital economy and are vulnerable to advanced persistent cyber-attacks, despite continued investment.

A UDP flood is a type of volume based DDoS (Distributed Denial of Service) attack, where large numbers of UDP (User Datagram Protocol) packets are sent to a target server, limiting its ability to carry out its functions. UDP traffic doesn’t require a three-way handshake to make a connection like TCP (Transmission Control Protocol), it runs with lower overhead and is ideal to carry data that doesn’t need to be checked and rechecked, such as VoIP. This means it is easier for attackers to generate large traffic volumes with tools like Low Orbit Ion Cannon (LOIC) and UDP Unicorn.

A Distributed Denial-of-Service DDoS attack occurs when high rate machine generated traffic, usually from compromised systems, floods the resources of a targeted system such as a webserver, making the service unusable by legitimate users. There are many reasons for hackers/hacktivist/state actors to initiate a DDoS attack – to damage a brand, to limit web based sales, to protest or for notoriety. After the initial incident response and triage, important questions will be asked, chief among them, what did the DDoS attack cost?

Cryptojacking is running unwanted applications on endpoints and infrastructure, specifically crypto currency mining software, and it’s hard to detect. The cypto miner is stealing processing capability; Impacts are higher electricity (power and cooling) consumption, slower performance of legitimate applications or services. And high CPU run rates generate more heat and reduce lifetime.

Over three days the infosec industry came together as 19,500+ industry professionals met with 400+ international exhibitors including Telesoft Technologies to learn about state-of-the-art cyber security and attend thought-provoking and inspiring seminars.