Internet Security Trends LACNOG 2011 Julio Arruda LATAM Engineering Manager.

Presentation transcript:

Internet Security Trends LACNOG 2011 Julio Arruda LATAM Engineering Manager

Page 2 - Company Confidential 2010 Infrastructure Security Survey
• 6th Annual Survey
• Survey conducted in September – October 2010
• Diversity
  – Service providers
  – Content/ASPs
  – Enterprises
  – Broadband
  – Mobile
  – DNS
  – Educational

Page 3 - Key Findings of the Survey
• Threat severity and complexity continue to increase
  – Attack size increases dramatically, impacting underlying network infrastructure
  – Application layer attacks continue with some new applications being targeted more frequently.
• The Threat-to-Defense gap is the widest observed to date
  – DDoS attack capabilities of miscreants are outpacing the defensive measures taken by network service providers
• Firewall and IPS equipment represents critical points of failure during DDoS attacks
• Mobile network growth is a game changer
  – availability of limitless botnets with greater bandwidth and few network control points
• New technologies affect fragility of Internet Infrastructure

Page 4 - DDoS Attack Sizes Over Time
• Over 102% increase YOY in attack size shows resurgence of brute force and volumetric attack techniques
• Internet providers have focused on application threats so miscreants turned back towards attacking network capacity

Page 5 - Application Layer Attacks
• Application detection is becoming commonplace
  – 77% of respondents have successfully detected application layer attacks
  – Lynchpin service infrastructure remains top target
  – Application attacks are advancing to more sophisticated services

Page 6 - Attack Frequency and Targets
• Attack frequency is increasing
  – 69% of respondents see at least 1 DDoS attack per month
  – 35% of respondents see 10 or more DDoS attacks per month compared to 18% in 2009
• Customers or services comprise 90% of targeted victims
  – Major collateral events are less common, but drive greater impact

Page 7 - Failure of Firewall and IPS in the IDC
• Nearly half of all respondents have experienced a failure of their firewalls or IPS due to DDoS attack

Page 8 - Mobile Provider Security Posture
• Roughly 50% report security problems with mobile subscribers
• Mobile respondents demonstrate poor visibility into compromised hosts
  – 56% have no visibility into scale of compromised handsets
  – Optimistically, 17% say that there are none in the network
  – And 13% of operators say at least 5% of customer base is compromised
• Majority use NAT, firewalls and ACLs – 47 to 60%
• DDoS mitigation and SMS filtering less common

Page 9 - Mobile Security Incidents
• More than half of carriers have had outages in last year due to security incidents!
• 79% of mobile respondents say they have not had a DDoS attack explicitly targeting their infrastructure
  – Over 50% admit they have limited network visibility
  – How many DDoS events are they having that they simply don’t know about?
• Mobile operators are more concerned about DNS, AAA, Mail attacks than fixed line providers
• 70% compared to 58% in fixed line

Page 10 - DNSSEC Threats
• 24% of respondents have deployed DNSSEC
• Already 25% have experienced or expect problems and 31% expect increase in amplification attacks

Page 11 - The IPv6 Security Arms Race
• Vendors and network operators are rushing to introduce IPv6 visibility and security as networks scale up

Page 12 - Smaller Attacks Still Make up the Majority
• As in 2010 most monitored attacks still small in 2011:
  – 78.5% less than 1Gb/sec (down from 93% in 2009 and 79% in 2010)
  – 63.5% less than 1Mpps (down from 94% in 2009 and 87% in 2010)
• Average size of attacks
  – Less than 1Gb/sec:
    • 2010 is Mbps / Kpps
    • 2011 is 332.1Mbps / 739.2Kpps
  – Less than 1Mpps:
    • 2010 is Mbps / Kpps
    • 2011 is 599.2Mbps / 335.7Kpps

Page 13 - Attack Sizes have Grown Steadily since 2009
• Average monthly attack size since start of
• Average attack is 1.31Gbps / 1.62Mpps, July 2011
• Average attack sizes have grown by 40.6% / 165.7% since start of 2010

Page 14 - Large packet per second attacks increasing
• Proportion of monitored attacks over 10Gb/sec has dropped by 48% so far in
• Proportion of monitored attacks over 10Mpps has increased by 98.4% so far in 2011, compared to 2010.

Page 15 - Increased Proportion of Attacks Targeting Port 80
• In 2009, 19.6% of monitored attacks targeted port 80.
• In 2010 this had increased to 31%, and so far in 2011 we are at 37.3%.
• Attacks targeting fewer ports
• 80 and 53 most prevalent.
• 75% drop in proportion of attacks over 10Gb/sec, from 2010 – still 47% up from 2009.

Page 16 - Proportion of Attacks Over 10Gbps and 10Mpps
• Proportion of monitored attacks over 10Gb/sec fell back at the start of the
• Growing again now.
• Spikes in number of attacks over 10Mpps in March and July.
• March = Belize Attacks

Page 17 - ATLAS LATAM Specifics 2010

Questions? Thank You! Julio Arruda