Upload File

radware global application & network security report infographic

  • Home
  • Technology
  • Radware Global Application & Network Security Report Infographic
1
Change is headed your way whether you’re prepared or not. As DoS/DDoS attacks continue to rise, concerns among organizations continue to grow. The 2013 Global Application & Network Security Report provides insight to help organizations better detect, mitigate and win the extended and persistent DoS/DDoS battle. Don’t Be Fooled – Service Degradation is Enough to Interrupt Business 87% of respondents to Radware’s Security Industry and Security Executive Surveys stated that they are likely to experience service level issues – 60% encounter service degradation and 27% experience outage. While this may appear to be good news, targets of service degradation can experience negative financial impact, harmful effects on customer satisfaction, and brand equity. Not problems any organization wants to have. Outage 27% No Impact 13% Service Level Degradation 60% Attackers Up the Ante 25 30 35 20 15 10 5 4 16 20 7 29 30 16 29 35 5-6 7-8 9-10 2011 2012 2013 2011 2012 2013 DoS/DDoS Attacks Leave Path of Destruction DoS/DDoS attacks have increasingly become the weapon of choice for cyber-hactivist groups - like Anonymous and Cyber Fighters of Izz Ad-Din Al-Qassam. To quantify the severity of attacks, Radware uses a DoS/DDoS Risk Score that ranks DoS/DDoS attacks methodically by severity and assigns each attack a score between 1 and 10 (10 being the powerful). 2013 showed a 28% increase in DoS/DDoS attack scores of 8 and above, as compared to 8% in 2012. And so the path of destruction begins. New Attack Vectors, One Dangerous Commonality Several attack vectors emerged in 2013 causing significant issues for organizations. 50% of all Web attacks were encrypted application based attacks. 15% of organizations reported attacks targeting Web application log in pages on a daily basis. And DNS based volumetric floods increased from 10% to 21% in 2013, becoming the second most common attack vector. But what makes them so dangerous? They’re difficult to detect, require very few resources and can easily maintain anonymity. Need a better reason to improve network security? The Industry Hit List Expands 30% 25% 20% 15% 10% 5% 0% 1 2 3-4 5-9 10 or more Not Just a Party of One Anymore – Multi-Vector Attacks Take Aim More than 50% of attack campaigns deployed five or more attack vectors in 2013. Why? Attackers would rather keep the target busy by releasing one at a time, than launch the entire arsenal all at once. You may be successful at blocking four or five attack vectors, but it only takes one for the damage to be done. Prompt. Protect. Prepare. Don’t press the panic button just yet. You can keep your organization safe with a few simple steps. Start now. Timing is Everything Organizations need to look at time-to-mitigate as a key success factor, and ensure that thy solution they deploy provides the shortest time-to-mitigate. Fill in the Holes DDoS mitigation solutions need to offer a wide attack coverage that can detect from not just one attack vector, but also a multi-vector attack that hits different layers of the infrastructure. Single Point of Contact In the event of an attack, it’s crucial to have a single point of contact that can be called to help divert Internet traffic and deploy mitigation solutions. Multi-Layer Approach Resolve the issues of single-point solutions with a cloud – based protection that blocks volumetric attacks and an on-premise solution that blocks all other, non-volumetric attacks. SSL Mitigation 2014 is upon us and SSL attacks appear to be a major threat moving forward. Look for SSL based DoS/DDoS mitigation solutions with a deployment that doesn’t affect the legit traffic performance. © 2014 Radware, Ltd. All Rights Reserved. Radware and all other Radware product and service names are registered trademarks of Radware in the U.S. and other countries. All other trademarks and names are the property of their respective owners. About Radware’s ERT The Emergency Response Team (ERT) has extensive experience handling attacks ‘in the wild’ as they occur. The findings in this report are a compilation of their front-line insights and formal surveys of worldwide security professionals on the state of cyber security. www.radware.com 2013 Move from 2012 Low Medium ISP Financial Retail Gaming Energy & Utilities Mobile Government High Hosting So who’s up next? As the frequency and intensity of attacks increased, financial services felt the heat and joined government agencies in the DoS/DDoS Ring of Fire. 2013 hit both financial and government verticals hard, reinforcing the correlation between geo-political events and DoS/DDoS attacks. While these two remain a top target for DDoS attacks, cyber hactivists didn’t stop. Hosting companies, ISPs and energy and utility companies changed position, and not for the better. Attackers drastically shortened the response time, developing new attack vectors that defeat newly deployed mitigation tools. While organization’s used to have weeks or months of reprieve, now attackers are responding in a matter of days and sometimes even hours after the mitigation tools are deployed. And the Hits Just Keep on Comin’ – Attackers (Quickly) Strike Back

Upload: radware

Post on 20-Aug-2015

2.104 views

Category:

Technology


1 download

Report

Tags:

TRANSCRIPT

Page 1: Radware Global Application & Network Security Report Infographic

Change is headed your way whether you’re prepared or not. As DoS/DDoS attacks continue to rise, concerns among organizations continue to grow. The 2013 Global Application & Network Security Report provides insight to help organizations better detect, mitigate and win the extended and persistent DoS/DDoS battle.

Don’t Be Fooled – Service Degradation is Enough to Interrupt Business

87% of respondents to Radware’s Security Industry and Security Executive Surveys stated that they are likely to experience service level issues – 60% encounter service degradation and 27% experience outage. While this may appear to be good news, targets of service degradation can experience negative financial impact, harmful effects on customer satisfaction, and brand equity. Not problems any organization wants to have.

Outage27%

No Impact13%

Service Level Degradation60%

AttackersUp the Ante

25

30

35

20

15

10

54

16

20

7

29

30

16

29

35

5-6

7-8

9-102011

2012

2013

2011 2012 2013DoS/DDoS Attacks Leave Path of DestructionDoS/DDoS attacks have increasingly become the weapon of choice for cyber-hactivist groups - like Anonymous and Cyber Fighters of Izz Ad-Din Al-Qassam. To quantify the severity of attacks, Radware uses a DoS/DDoS Risk Score that ranks DoS/DDoS attacks methodically by severity and assigns each attack a score between 1 and 10 (10 being the powerful). 2013 showed a 28% increase in DoS/DDoS attack scores of 8 and above, as compared to 8% in 2012. And so the path of destruction begins.

New Attack Vectors, One Dangerous CommonalitySeveral attack vectors emerged in 2013 causing significant issues for organizations. 50% of all Web attacks were encrypted application based attacks. 15% of organizations reported attacks targeting Web application log in pages on a daily basis. And DNS based

volumetric floods increased from 10% to 21% in 2013,becoming the second most common attack vector. But whatmakes them so dangerous? They’re difficult to detect, require

very few resources and can easily maintain anonymity. Need a better reason to improve network security?

The Industry Hit List Expands

30%

25%

20%

15%

10%

5%

0%

1 2 3-4 5-9 10 or more

Not Just a Party of One Anymore – Multi-Vector Attacks Take AimMore than 50% of attack campaigns deployed five or more attack vectors in 2013.Why? Attackers would rather keep the target busy by releasing one at a time, than launch the entire arsenal all at once. You may be successful at blocking four or five attack vectors, but it only takes one for the damage to be done.

Prompt. Protect. Prepare.Don’t press the panic button just yet. You can keep your organization safe with a few simple steps.

Start now.

Timing is Everything Organizations need to look at time-to-mitigate as a key success factor, and ensure that thy solution they deploy provides the shortest time-to-mitigate.

Fill in the Holes DDoS mitigation solutions need to offer a wide attack coverage that can detect from not just one attack vector, but also a multi-vector attack that hits different layers of the infrastructure.

Single Point of Contact In the event of an attack, it’s crucial to have a single point of contact that can be called to help divert Internet traffic and deploy mitigation solutions.

Multi-Layer Approach Resolve the issues of single-point solutions with a cloud – based protection that blocks volumetric attacks and an on-premise solution that blocks all other, non-volumetric attacks.

SSL Mitigation 2014 is upon us and SSL attacks appear to be a major threat moving forward. Look for SSL based DoS/DDoS mitigation solutions with a deployment that doesn’t affect the legit traffic performance.

© 2014 Radware, Ltd. All Rights Reserved. Radware and all other Radware product and service names are registered trademarks of Radware in the U.S. and other countries. All other trademarks and names are the property of their respective owners.

About Radware’s ERTThe Emergency Response Team (ERT) has extensive experience handling attacks ‘in the wild’ as they occur. The findings in this report are a compilation of their front-line insights and formal surveys of worldwide security professionals on the state of cyber security.

w w w . r a d w a r e . c o m

2013 Move from 2012

Low

Medium

ISP

Financial

Retail

Gaming

Energy & Utilities

Mobile

Government

High

Hosting

So who’s up next? As the frequency and intensity of attacks increased, financial services felt the heat and joined government agencies in the DoS/DDoS Ring of Fire. 2013 hit both financial and government verticals hard, reinforcing the correlation between geo-political events and DoS/DDoS attacks. While these two remain a top target for DDoS attacks, cyber hactivists didn’t stop. Hosting companies, ISPs and energy and utility companies changed position, and not for the better.

Attackers drastically shortened the response time, developing new attack vectors that defeat newly deployed mitigation tools. While organization’s used to have weeks or months of reprieve, now attackers are responding in a matter of days and sometimes even hours after the mitigation tools are deployed.

And the Hits Just Keep on Comin’ – Attackers (Quickly) Strike Back

Radware DefensePro Product Family Security Targetcommoncriteriaportal.org/files/epfiles/Radware DefensePro... · 2014-06-19 · The following Radware guidance is considered part of

Windstream Managed Network Security Infographic

TABLE OF CONTENTS - ResponseSource...RADWARE GLOBAL APPLICATION & NETWORK SECURITY REPORT | 2017-2018 5 Security Still ‘Cloudy’ Organizations cited security misconfigurations

Top Findings - Radware 2015 - 2016 Global Application & Network Security Report

Radware Global Application & Network Security Report 2014-2015

Radware State of the Union: Ecommerce Page Speed & Web Performance Infographic

Radware SOTU Report

Radware Technology Overview

Security Threats in IT Infographic

Mobile (In)Security Infographic

Mobile Device Security Infographic

IBM Security Identity Governance Infographic

20070605 Radware

Infographic: Connected Security Yields Smarter Defensesmedia.zones.com/images/pdf/infographic-connected-security-yields-smarter-defenses.pdfIsolated security components can lead to:

2014 Handbook - Radware

Cyber Security Infographic

Microsoft Azure Security Infographic

Radware Global Application & Network Security Report 2014-2015 Infographic

Radware Summer 2015 State of the Union: Page Speed & Web Performance Infographic

Unisys Security Insights Infographic: Netherlands

ULTIMATE GUIDE TO BOT MANAGEMENT - Radware Blog...Application Security in a Digitally Connected World, Nov. 2017, Radware. 2. Application Security in a Digitally Connected World, Nov

Intel Enterprise Security - Infographic

Digital Gen: Security Infographic

Midyear Security Report Infographic

IBM i Security Exposures Infographic

Radware State of the Union: Page Speed & Web Performance -- Spring 2014 Infographic

Digital Generation: Security Infographic

Radware AMS Brochure

NSX Infographic - Security

Radware and IxiaRadware Radware is the global leader in integrated application delivery and application security solutions for business-smart networking. The company assures the complete

Radware AppDirector

Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security

Radware LLB

Windstream Cloud Security Infographic

Mobile POS Security - Infographic