AMS – Attack Mitigation System · SQL Injection Attack WAF. Cyber Attacks in numbers. Attacks...
Radware
NGSec 2017
Marek Karczewski
Cyber Attacks
HTTP „GET” Flood Attack
GET - Requests data from a specified resource
POST - Submits data to be processed to a specified resource
HTTP „GET” Flood Attack
https://portals.radware.com/Employee/Home/Sales-Tools/#?q=Document.pdf
HTTP „POST” Flood Attack
https://portals.radware.com/Not-Logged-In/Login/?returnurl=%2fEmployee%2fHome.aspx%2f
Marek Karczewski
Marek Karczewski
https://portals.radware.com/Employee/Home/Human-Resources/Search-Employee/#?q=Marek%20Karczewski
' OR 'a'='a
SQL Injection Attack
No WAF
SELECT * FROM `CreditCardNumbers` WHERE `user`='' OR 'a'='a' AND `pass`='' OR 'a'='a'
SELECT * FROM `login` WHERE `user`=''; INSERT INTO `login` (`user`,`pass`) VALUES ('John','Doe');--' AND `pass`=''
SELECT * FROM `login` WHERE `user`=''; UPDATE `login` SET `pass`='pass123' WHERE `user`='Marek';--' AND `pass`=''
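The queries above are what the database receives when the login form's fields are concatenated into the SQL text. The following is an added example, not part of the original slides: it rebuilds the first query from the slide's `' OR 'a'='a` input and shows the same inputs handled as bound parameters. The in-memory SQLite table, the sample account and the function names are assumptions made for illustration.

```python
import sqlite3

# Inputs quoted from the slides.
TAUTOLOGY = "' OR 'a'='a"
STACKED = "'; INSERT INTO `login` (`user`,`pass`) VALUES ('John','Doe');--"


def make_db():
    """Constructed in-memory `login` table holding one sample account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE login (user TEXT, pass TEXT)")
    db.execute("INSERT INTO login VALUES ('Marek', 'correct-horse')")
    return db


def login_concat(db, user, password):
    """Vulnerable form: the input becomes part of the SQL text itself."""
    sql = ("SELECT * FROM `login` WHERE `user`='" + user +
           "' AND `pass`='" + password + "'")
    return sql, db.execute(sql).fetchall()


def login_bound(db, user, password):
    """Hardened form: values are bound as parameters and never parsed as SQL."""
    sql = "SELECT * FROM `login` WHERE `user`=? AND `pass`=?"
    return db.execute(sql, (user, password)).fetchall()


def row_count(db):
    """Number of accounts in the table, used to confirm nothing was inserted."""
    return db.execute("SELECT COUNT(*) FROM login").fetchone()[0]


if __name__ == "__main__":
    db = make_db()
    sql, rows = login_concat(db, TAUTOLOGY, TAUTOLOGY)
    print("concatenated query:", sql)
    print("rows returned without valid credentials:", rows)
    print("bound, tautology input:", login_bound(db, TAUTOLOGY, TAUTOLOGY))
    print("bound, stacked input:", login_bound(db, STACKED, ""))
    print("accounts after stacked input:", row_count(db))
```

With bound parameters the quote characters stay inside the compared value, so the WHERE clause keeps its original structure whatever the form field contains.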
SQL Injection Attack
WAF
Cyber Attacks in numbers
Attacks that will cause the most harm to businesses
Types of Attacks Experienced By Organizations in 2015
Motives behind any cyber-attack
Biggest DDoS Attacks in 2016
SSL or TLS based Attacks
Over 50% of traffic in enterprises is encrypted
20% of organizations inspect SSL traffic
80% of organizations don’t inspect SSL traffic
SSL based attacks in 2016
Impact of DDoS Attacks on Systems
Impact of DDoS Attacks on Business
Today more than ever, TIME IS MONEY
Impact of DDoS Attacks on Business
How Prepared Are Today’s Organizations?
Attacks on Krebs, OVH and Dyn
09/20 – KrebsOnSecurity.com target of record-breaking 620Gbps DDoS attack
09/21 – French web hoster OVH targeted by 1.5Tbps IoT DDoS attack
09/30 – Source code of IoT botnet Mirai released on Hackforums.net by Anna-senpai
10/21 – Dyn’s managed DNS infrastructure in the US under DDoS attack, impacting many websites and services including Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix
October 21st - DDoS attack on Dyn (Managed DNS Network) - Mirai malware
• ActBlue
• Basecamp
• Big cartel
• Box
• Business Insider
• CNN
• Cleveland.com
• Etsy
• Github
• Grubhub
• Guardian.co.uk
• HBO Now
• Iheart.com (iHeartRadio)
• Imgur
• Intercom
• Intercom.com
• Okta
• PayPal
• People.com
• Playstation Network
• Recode
• Seamless
• Spotify
• Squarespace Customer Sites
• Starbucks rewards/gift cards
• Storify.com
• The Verge
• Twilio
• Urbandictionary.com
• Weebly
• Wired.com
• Wix Customer Sites
• Yammer
• Yelp
• Zendesk.com
• Zoho CRM
• Credit Karma
• Eventbrite
• Netflix
• NHL.com
• Fox News
• Disqus
• Shopify
• Soundcloud
• Atom.io
• Ancestry.com
• Constant Contact
• Indeed.com
• New York Times
• Weather.com
• WSJ.com
• time.com
• xbox.com
• dailynews.com
• Wikia
• donorschoose.org
• Wufoo.com
• Genomebiology.com
• BBC
• Elder Scrolls Online
• Eve Online
• PagerDuty
• Kayak
• youneedabudget.com
• Speed Test
• Freshbooks
• Braintree
• Blue Host
• Qualtrics
• SBNation
• Salsify.com
• Zillow.com
• nimbleschedule.com
• Vox.com
• Livestream.com
• IndieGoGo
• Fortune
• CNBC.com
• FT.com
• Survey Monkey
• Paragon Game
• Runescape
• Amazon
Cyber attacks from infrastructure perspective
2016
Internet pipe (saturation): 36%
Firewall: 13%
IPS/IDS: 8%
Load balancer (ADC): 9%
The server under attack: 33%
SQL server: 1%

Internet pipe (saturation): 36%
Firewall: 21%
IPS/IDS: 10%
Load balancer (ADC): 3%
The server under attack: 28%
SQL server: 2%
2015
Complexity of attacks continues to grow
Attacks: “Low & Slow” DoS attacks (e.g. Slowloris), large volume network flood attacks, SYN floods, network scan, HTTP floods, SSL floods, app misuse, brute force, XSS, CSRF, SQL injections
Protection: Cloud DDoS protection, DoS protection, Behavioral analysis, IPS, WAF, SSL protection
Infrastructure: Internet Pipe, Firewall, IPS/IDS, Load Balancer/ADC, Server Under Attack, SQL Server
Multi-technology protection
Only a multi-technology solution can provide full protection from multi-vector threats
Cloud DDoS protection, DoS protection, Behavioral analysis, IPS, WAF, SSL protection
Thank You!