Akamai Confidential©2011 Akamai. In the Cloud Security Highlighting the Need for Defense-in-Depth R. H. Powell IV Director, Government Solutions CISSP.

Slides:

Advertisements

Similar presentations

Palo Alto Networks Jay Flanyak Channel Business Manager

Advertisements

Introduction and Overview of Digital Crime and Digital Terrorism

1 Schulte Research War of words with SAIC (State Administration for Industry and Commerce) Source: SCMP, ifeng, New York Times, Financial Times, Schulte.

Akamai DNS Offerings RSA © Conference ©2013 AKAMAI | FASTER FORWARD TM Akamai DNS Solutions Enhanced DNS (eDNS) Scalable, outsourced, DNS solution.

ELOC Bank Table Top Exercise Executive Leadership of Cybersecurity Austin, TX December 3,

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,

Akamai Confidential Web targeted DDoS attack: trends, tools and tactics Christiaan Ehlers, Senior Service Consultant – Akamai Technologies.

The development of Internet A cow was lost in Jan 14th If you know where it is, please contact with me. My QQ number is QQ is one of the.

Information Security Overview in the Israeli E-Government April 2010 Ministry of Finance – Accountant General E-government Division.

Cyber Crime Game Players By Marharyta Abreu & Iwona Sornat.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL

Radware DoS / DDoS Attack Mitigation System Orly Sorokin January 2013.

The Way to Protect The Smartest Way to Protect Websites and Web Apps from Attacks.

The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.

Building Trust in Digital Online World Dr. Shekhar Kirani Vice President VeriSign India 5th June 2009 IBA Conference.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Jeff Williams  Intro  Awesome Times  Security Briefing  Service with Security.

McGraw-Hill © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 8 Threats and Safeguards Chapter 8 PROTECTING PEOPLE AND INFORMATION Threats.

Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

(Geneva, Switzerland, September 2014)

SiteLock Internet Security: Big Threats for Small Business.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

The 21 st Century Begins Present Chapter 32.

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

© 2010 Akamai Headlines You May Have Seen. © 2010 Akamai Headlines You DID NOT See POWERING A BETTER INTERNET President Delays Trip Due to Cyber Attacks.

Performance and Security of Internet Applications John Buten Manager, Enterprise Industries

Study Results Advanced Persistent Threat Awareness.

Cybersecurity and the Department of Justice Vincent A. Citro, Assistant United States Attorney July 9-10, 2014 Unclassified – For Public Use.

OPSWAT Presentation for XXX Month Date, Year. OPSWAT & ____________ Agenda  Overview of OPSWAT  Multi-scanning with Metascan  Controlling Data Workflow.

It’s Not Just You! Your Site Looks Down From Here Santo Hartono, ANZ Country Manager March 2014 Latest Trends in Cyber Security.

Akamai Technologies - Overview RSA ® Conference 2013.

NATO Advanced Research Workshop “Best Practices and Innovative Approaches to Develop Cyber Security and Resiliency Policy Framework” Scenario for Discussion.

Lit Space Monitoring for Botnets Stuart Staniford Chief Scientist 1/21/2008.

Lesson 7-Managing Risk. Overview Defining risk. Identifying the risk to an organization. Measuring risk.

Drew Reinders | GSEC Principal Solutions Engineer Defending Your Castle.

7.7 DDoS Attack Timeline 1 st Attack Date : ’ :00 ~ ’ :00, ’ :00 ~ ’ :00 Target : (US) White House + 4 web sites (US)

Cybersecurity: Expanding the Front Lines of Defense Dr. George K. Kostopoulos Professor Electrical and Computer Engineering Cybersecurity New York Institute.

1 Executive Leadership of Cybersecurity Austin, TX December 3, 2014 ELOC Bank Table Top Exercise.

Strong Security for Your Weak Link: Implementing People-Centric Security Jennifer Cheng, Director of Product Marketing.

© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. State of Network Security.

December 11 th 2015 Intelligence Briefing NOT PROTECTIVELY MARKED.

INTRODUCTION & QUESTIONS.

Safe’n’Sec IT security solutions for enterprises of any size.

Information Security: Current Threats Marc Scarborough Information Security Officer

ShapeShifter Jennifer Nguyen, Jordan Travis, Cian Connor, Rebecca Miller.

BY: AUSTIN NEIGH. WHAT IS CYBER WARFARE? Hacking that is politically motivated to conduct sabotage or espionage Form of information warfare Typically.

DHS Publishes Report Saying Low but Persistent Risk of Cyber Attack on Energy Sector DHS REPORT ON ENERGY CYBERSECURITY April 6, 2016 | Ben Booker Source:

PROTECTING YOUR DATA THREATS TO YOUR DATA SECURITY.

Security Testing Market to Global Analysis and Forecasts by Model, End-users No of Pages: 150 Publishing Date: Jan 2017 Single User PDF: US$ 3900.

Physical Security Market to Global Analysis and Forecasts by Application, Services No of Pages: 150 Publishing Date: Jan 2017 Single User PDF: US$

Physical Security Market to Global Analysis and Forecasts by Application, Services No of Pages: 150 Publishing Date: Feb 2017 Single User PDF: US$

Security Testing Market to Global Analysis and Forecasts by Model, End-users No of Pages: 150 Publishing Date: Feb 2017 Single User PDF: US$ 3900.

BUILD SECURE PRODUCTS AND SERVICES

International Conflict & Cyber Security

State Board of Elections Computers

Cisco 2017 Security Annual Report

Digital Citizenship Middle School

Real-time protection for web sites and web apps against ATTACKS

Cyber Security & IT: What’s Next?

Equipo 1 Tema: Crímenes cibernéticos en 2016 Ana Yansi Mejía Mendoza (Informática) Lucia Arellano García (Derecho) Margarita Núñez Rosales (Lengua extranjera)

© 2016 Global Market Insights, Inc. USA. All Rights Reserved Endpoint Security Market to grow at 7% CAGR from 2017 to 2024: Global Market.

Strong Security for Your Weak Link:

Vendor of Solutions and Services Integrates Office 365 in Its Management Solution Partner Logo “Our new version of iQ.Suite makes safe and flexible.

Protect Your Ecommerce Site From Hacking and Fraud

Computer Security By: Muhammed Anwar.

© 2016 Global Market Insights, Inc. USA. All Rights Reserved Fuel Cell Market size worth $25.5bn by 2024 Automotive Advanced Gear Shifter.

© 2016 Global Market Insights, Inc. USA. All Rights Reserved Enterprise Networking Market Size to Exceed $90 bn by 2025 Growing at CAGR.

Presentation transcript:

Akamai Confidential©2011 Akamai

In the Cloud Security Highlighting the Need for Defense-in-Depth R. H. Powell IV Director, Government Solutions CISSP W: M:

Akamai Confidential©2011 Akamai Headlines You May Have Seen

Akamai Confidential©2011 Akamai Headlines You DID NOT See President Delays Trip Due to Cyber Attacks Independence Day Attacks Paralyze the U.S. Financial & Government Websites Attacked and Taken Down: Stocks Show Concerns

Akamai Confidential©2011 Akamai The Threat is Real DDoS is the #1 Preferred Method of Attack (TrustWave 2011) 74% of surveyed companies experienced one or more DDoS attacks in the past year, 31% of these attacks resulting in service disruption – Forrester Research LulzSec, Anonymous declare war on government websites Hacker groups call for stealing, leaking classified information By Kevin McCaney Jun 20, 2011Kevin McCaney

Akamai Confidential©2011 Akamai Akamai Attack Trends in 2011 Total DDoS attack volume against Akamai customers is growing 100% 2010 – 2011 Average Attack sizes are in the Gbps range Attacks are originating from all geographies and are moving between geographies during the attack 2011 volume is projected based on actuals through September The Akamai network saw more DDoS attacks in the fourth quarter of 2010 than in the first three quarters of the year combined – Tom Leighton, Chief Scientist, Akamai Technologies

Akamai Confidential©2011 Akamai Why? Extortion / Theft Political Hackitivism State Sponsored Traditional Hackers: Glory Hounds

Akamai Confidential©2011 Akamai Why? Extortion / Theft Political Hackitivism State Sponsored Traditional Hackers: Glory Hounds

Akamai Confidential©2011 Akamai July 4 th DDoS Attack Timeline Distributed, Agile and Multi-Phased Attack “The first list had only five targets — all U.S. government sites. A second list used by the malware on July 6 had 21 targets, all U.S. government and commercial sector sites, including e-commerce and media sites. A list on the 7th switched out some of the U.S. sites for ones in South Korea. …- Joe Stewart, director of malware research at SecureWorks “While Treasury Department and Federal Trade Commission Web sites were shut down by the software attack, which lasted for days over the holiday weekend, others such as the Pentagon and the White House were able to fend it off with little disruption” -- New York Times Akamai Provides Customers the Ability to “Fight Through” the Attack ! All Targeted Applications on the Akamai Platform Remained Available. All Targets Applications not on the Akamai Platform were Rendered Unavailable. Protected Akamai Customers from Effects Absorbed: 1M+ Hps; 200+ Gbps; 300k+ Attack IPs Denied the Attacker - Affects on Targets Maintained Customer Brand Integrity Provided Near Real-Time SA & Alerting Provided Analysis to US Cyber Officials

Akamai Confidential©2011 Akamai Oct 5, 2011: Vulnerability Scanning Shut Down - Scanning triggers alerts - Offending requests are identified and denied <4hrs

Akamai Confidential©2011 Akamai Why? Extortion / Theft Political Hackitivism State Sponsored Traditional Hackers: Glory Hounds

Akamai Confidential©2011 Akamai Holiday Season 2010 – DDoS Attacks Attacked eCommerce Web Sites Protected by Akamai PROTECTED Customer #1 Customer #2 Customer #3 Customer #4 Customer #5 Times Above Normal Traffic 9,095x 5,803x 3,115x 2,874x 1,807x Peak Attack Time (GMT) 11/30 2PM 12/1 2PM 11/30 2PM 12/1 1PM Highly distributed international DDoS attacks from Asia- Pac, South America and Middle East Customer 1 Customer 2 Customer 3 Averted $15M in Lost Revenue

Akamai Confidential©2011 Akamai Why? Extortion / Theft Political Hackitivism State Sponsored Traditional Hackers: Glory Hounds

Akamai Confidential©2011 Akamai Customer Telemetry – Q During LOIC Attacks Average response time during attack: 0.87 seconds. Availability during the LOIC attack: 100%

Akamai Confidential©2011 Akamai Why? Extortion / Theft Political Hackitivism State Sponsored Traditional Hackers: Glory Hounds

Akamai Confidential©2011 Akamai Bitcoin

Akamai Confidential©2011 Akamai Let’s hold somebody ransom (the actual ransom note) Your site will be subjected to DDoS attacks 100 Gbit/s. Pay 100 btc(bitcoin) on the account 1ACFJHoB8Z3KDwDn6XdNTEJb6S7VsQiLZG Do not reply to this

Akamai Confidential©2011 Akamai BitCoin – The attack

Akamai Confidential©2011 Akamai Akamai’s response

Akamai Confidential©2011 Akamai FBI Attack Warning The Tip -> The Response -> The Result ->