Middle East Data Centers in the Crosshairs: Enterprises Need to Protect Themselves against Today’s Most Dangerous Security Threats
Glen Ogden, Regional Sales Director, Middle East at A10 Networks sheds light on the top 5 most dangerous threats to Middle East enterprise data centers:
1) DDoS Attacks
Servers are a prime target for Distributed Denial of Service (DDoS) attacks and, increasingly, they are an attack weapon in the escalating war to disrupt and disable essential Internet services. While web servers have been at the receiving end of DDoS attacks for years, attackers are now exploiting web application vulnerabilities to turn web servers into “bots.” Once attackers have drafted unwitting web servers into their virtual army, they use these servers to attack other websites. By leveraging web, DNS and NTP servers, attackers can amplify the size and the strength of DDoS attacks. While servers will never replace traditional PC-based botnets, their greater compute capacity and bandwidth enable them to carry out destructive attacks, where one server could equal the attack power of hundreds of PCs. With more and more DDoS attacks launched from servers, it’s not surprising that the size of DDoS attacks has grown sharply in the past few years. At the current trajectory, DDoS attacks could reach 37 Mpps in 2014 and 175 Mpps in 2015. Even if packet rates do not rise as sharply, DDoS attacks will be powerful enough to incapacitate most standard networking equipment. Every organization should build up defenses to fend off the next DDoS attack.
According to a study conducted by IDG Research Services, it takes an average of ten hours before a company can even begin to resolve a DDoS attack. On average, a DDoS attack isn't detected until 4.5 hours after it starts, and companies need a further 4.9 hours before mitigation can commence. With outage costs averaging $100k per hour, that brings us to a $1 million cost for an Internet-reliant company.
2) Web Application Attacks
When cyber criminals and hacktivists aren’t busy taking down websites with DDoS attacks, they are launching web attacks like SQL injection, cross-site scripting (XSS) and cross-site request forgery (CSRF). They strive to break into applications and steal data for profit. And increasingly, attackers target vulnerable web servers and install malicious code in order to transform them into DDoS attack sources. CMS applications aren’t the only applications at risk. In fact, 96% of all applications currently have or have had vulnerabilities, and the median number of vulnerabilities per application was 14 in 2013.(1) Today’s most dangerous application threats, like SQL injection and cross-site scripting, aren’t new but they are still easy to perform and they are lethally effective. Attack tools like the Havij SQL injection tool enable hackers to automate their attack processes and quickly exploit vulnerabilities. The recent wave of web attacks on CMS applications has also revealed a gaping hole in the age-old strategy to lock down applications by writing secure code. Because CMS applications are usually developed by third parties and not internally, organizations can’t rely on secure coding processes to protect these applications. With 35% of all breaches caused by web attacks in 2013,(2) organizations, now more than ever, need a proactive defense to block web attacks and “virtually patch” vulnerabilities.
3) DNS Infrastructure: Attack Target and Collateral Damage
DNS servers have gained the dubious distinction of becoming a top attack target for two reasons. First, taking DNS servers offline is an easy way for attackers to keep thousands or millions of Internet subscribers from accessing the Internet. If attackers incapacitate an ISP’s DNS servers, they can prevent the ISP’s subscribers from resolving domain names, visiting websites, sending email and using other vital Internet services. DNS attacks have brought down service providers’ DNS services for hours, even days, and in extreme cases have led to class-action lawsuits by subscribers. Second, attackers can exploit DNS servers to amplify DDoS attacks. In the case of DNS reflection attacks, attackers spoof, or impersonate, the IP address of their real attack target. They send queries that instruct the DNS server to recursively query many DNS servers or to send large responses to the victim. As a result, powerful DNS servers drown the victim’s network with DNS traffic. Even when DNS servers are not the ultimate target of the attack, they can still suffer downtime and outages as the result of a DNS reflection attack. With DNS accounting for 8.95% of all DDoS attacks,(3) organizations that host DNS servers must protect their DNS infrastructure.
4) SSL-Induced Security Blind Spots
To prevent the continuous stream of malware and intrusions in their networks, enterprises need to inspect incoming and outgoing traffic for threats. Unfortunately, attackers are increasingly turning to encryption to evade detection. With more and more applications supporting SSL – in fact, over 40% of applications can use SSL or change ports(4) – SSL encryption represents not just a chink in enterprises’ proverbial armor, but an enormous crater that malicious actors can exploit. While many firewalls, intrusion prevention and threat prevention products can decrypt SSL traffic, they can’t keep pace with growing SSL encryption demands. For end-to-end security, organizations need to inspect outbound SSL traffic originating from internal users, and inbound SSL traffic originating from external users to corporate-owned application servers to eliminate the blind spot in corporate defenses. In its report, SSL Performance Problems, NSS Labs found that eight leading next-generation firewall vendors experienced significant performance degradation when decrypting 2048-bit encrypted traffic. This led NSS Labs to assert it had “concerns for the viability of SSL inspection in enterprise networks without the use of dedicated SSL decryption devices.”(5) If the gamut of security devices can’t keep up with growing SSL encryption demands, then organizations need a high-powered solution to intercept and decrypt SSL traffic, offloading intensive SSL processing from security devices and servers.
5) Brute Force and Weak Authentication
Applications often use authentication to verify the identity of users. With authentication, application owners can restrict access to authorized users and they can customize content based on user identity. Unfortunately, many application owners only enforce single-factor, password-based authentication. With weak single-factor authentication, application owners are exposed to a host of threats, from simple password guessing and stolen credentials to highly automated brute force attacks from password cracking tools. Analysis of large-scale password breaches, like the 38 million passwords exposed in the Adobe hack, reveals the limitations of simple, single-factor authentication. Researchers have discovered that many users select the same, common passwords, like “123456” and “password.” In fact, 50% of password records in the RockYou breach included names, dictionary words, or trivial passwords based on adjacent keyboard keys,(6) and the 100 most common passwords account for 40% of all passwords chosen by users.(7)
Besides the risk of simple passwords, many users select the same password for multiple accounts. Unfortunately, when one of these accounts is compromised as part of a data breach, all other accounts sharing the same password are at risk. Within hours of a breach, hackers will crack stolen password lists – even password hashes – and use them to break into other online accounts. Two-factor authentication can drastically reduce the risk of password cracking. Combining passwords with out-of-band authentication, such as SMS messages to mobile devices, or with hardware or software tokens greatly decreases the risk of brute force or password cracking. In addition, user context, such as a user’s browser and operating system or a user’s geographic location, can help identify fraudulent activity. Application owners can build advanced rules to identify high-risk users or password cracking tools to safeguard user accounts. For many organizations, simply rolling out and managing authentication across many different web applications can be daunting. Setting up client authentication schemes for dozens of applications entails costly and time-consuming development work. As a result, organizations need an integrated solution that can centrally manage authentication services and can block users with repeated failed login attempts.
Protecting Your Servers and Applications from the Top Five Data Center Threats
To shield data center infrastructure from attack, organizations need a solution that can mitigate a multitude of threat vectors and still deliver unmatched performance. Application Delivery Controllers (ADCs) can help organizations safeguard their data center infrastructure. Deployed in the heart of the data center, ADCs can block attacks, intercept and inspect encrypted traffic and prevent unauthorized access to applications. With malicious users increasingly setting their sights on data center servers, ADCs can provide best-of-breed protection against data center security threats. Organizations should carefully evaluate the security features of ADCs to make sure they effectively mitigate data center risks.
(1) Trustwave 2014 Global Security Report
(2) Verizon 2014 Data Breach Investigation Report
(3) Prolexic Quarterly Global DDoS Attack Report Q1 2014
(4) Palo Alto Networks’ Application Usage and Risk Report
(5) NSS Labs, “SSL Performance Problems”
(6) Imperva, “Consumer Password Worst Practices”
(7) Xato, “10,000 Top Passwords”
A10 Networks (NYSE: ATEN) is a technology leader in application networking, providing a range of high-performance application networking solutions that help organizations ensure that their data center applications and networks remain highly available, accelerated and secure. Founded in 2004, A10 Networks is based in San Jose, Calif., and serves customers globally with offices worldwide. For more information, visit: https://www.a10networks.com
A10 Networks, the A10 logo, A10 Lightning, A10 Thunder, aCloud, ACOS, ACOS Policy Engine, ACOS Synergy, Affinity, aFleX, aFlow, aGalaxy, aVCS, AX, aXAPI, IDaccess, IDsentrie, IP-to-ID, SoftAX, SSL Insight, Thunder, Thunder TPS, UASG, VirtualN, Virtual Chassis, and vThunder are trademarks or registered trademarks of A10 Networks, Inc. in the United States and other countries. All other trademarks are property of their respective owners.
Product Information Contact:
Mr. Glen Ogden
Regional Sales Director, Middle East
UAE Mobile: +971 55 2762405 | KSA Mobile: +966 5380 59466
Office 3, Al Aarti Building, Mirdiff, PO BOX 5462, Dubai, UAE
This release was published on openPR.