Presentation is loading. Please wait.

Presentation is loading. Please wait.

Akamai Confidential©2011 Akamai. In the Cloud Security Highlighting the Need for Defense-in-Depth R. H. Powell IV Director, Government Solutions CISSP.

Published bySharleen Roberts Modified over 9 years ago

Similar presentations

Presentation on theme: "Akamai Confidential©2011 Akamai. In the Cloud Security Highlighting the Need for Defense-in-Depth R. H. Powell IV Director, Government Solutions CISSP."— Presentation transcript:

1 Akamai Confidential©2011 Akamai

2 In the Cloud Security Highlighting the Need for Defense-in-Depth R. H. Powell IV Director, Government Solutions CISSP Rpowell@Akamai.com W: 703.621.4029 M: 703.867.5899

3 Akamai Confidential©2011 Akamai Headlines You May Have Seen

4 Akamai Confidential©2011 Akamai Headlines You DID NOT See President Delays Trip Due to Cyber Attacks Independence Day Attacks Paralyze the U.S. Financial & Government Websites Attacked and Taken Down: Stocks Show Concerns

5 Akamai Confidential©2011 Akamai The Threat is Real DDoS is the #1 Preferred Method of Attack (TrustWave 2011) 74% of surveyed companies experienced one or more DDoS attacks in the past year, 31% of these attacks resulting in service disruption – Forrester Research LulzSec, Anonymous declare war on government websites Hacker groups call for stealing, leaking classified information By Kevin McCaney Jun 20, 2011Kevin McCaney

6 Akamai Confidential©2011 Akamai Akamai Attack Trends in 2011 Total DDoS attack volume against Akamai customers is growing 100% 2010 – 2011 Average Attack sizes are in the 3 - 10 Gbps range Attacks are originating from all geographies and are moving between geographies during the attack 2011 volume is projected based on actuals through September The Akamai network saw more DDoS attacks in the fourth quarter of 2010 than in the first three quarters of the year combined – Tom Leighton, Chief Scientist, Akamai Technologies

7 Akamai Confidential©2011 Akamai Why? Extortion / Theft Political Hackitivism State Sponsored Traditional Hackers: Glory Hounds

8 Akamai Confidential©2011 Akamai Why? Extortion / Theft Political Hackitivism State Sponsored Traditional Hackers: Glory Hounds

9 Akamai Confidential©2011 Akamai July 4 th DDoS Attack Timeline Distributed, Agile and Multi-Phased Attack “The first list had only five targets — all U.S. government sites. A second list used by the malware on July 6 had 21 targets, all U.S. government and commercial sector sites, including e-commerce and media sites. A list on the 7th switched out some of the U.S. sites for ones in South Korea. …- Joe Stewart, director of malware research at SecureWorks “While Treasury Department and Federal Trade Commission Web sites were shut down by the software attack, which lasted for days over the holiday weekend, others such as the Pentagon and the White House were able to fend it off with little disruption” -- New York Times Akamai Provides Customers the Ability to “Fight Through” the Attack ! All Targeted Applications on the Akamai Platform Remained Available. All Targets Applications not on the Akamai Platform were Rendered Unavailable. Protected Akamai Customers from Effects Absorbed: 1M+ Hps; 200+ Gbps; 300k+ Attack IPs Denied the Attacker - Affects on Targets Maintained Customer Brand Integrity Provided Near Real-Time SA & Alerting Provided Analysis to US Cyber Officials

10 Akamai Confidential©2011 Akamai Oct 5, 2011: Vulnerability Scanning Shut Down - Scanning triggers alerts - Offending requests are identified and denied <4hrs

11 Akamai Confidential©2011 Akamai Why? Extortion / Theft Political Hackitivism State Sponsored Traditional Hackers: Glory Hounds

12 Akamai Confidential©2011 Akamai Holiday Season 2010 – DDoS Attacks Attacked eCommerce Web Sites Protected by Akamai PROTECTED Customer #1 Customer #2 Customer #3 Customer #4 Customer #5 Times Above Normal Traffic 9,095x 5,803x 3,115x 2,874x 1,807x Peak Attack Time (GMT) 11/30 2PM 12/1 2PM 11/30 2PM 12/1 1PM Highly distributed international DDoS attacks from Asia- Pac, South America and Middle East Customer 1 Customer 2 Customer 3 Averted $15M in Lost Revenue

13 Akamai Confidential©2011 Akamai Why? Extortion / Theft Political Hackitivism State Sponsored Traditional Hackers: Glory Hounds

14 Akamai Confidential©2011 Akamai Customer Telemetry – Q2 2011 During LOIC Attacks Average response time during attack: 0.87 seconds. Availability during the LOIC attack: 100%

15 Akamai Confidential©2011 Akamai Why? Extortion / Theft Political Hackitivism State Sponsored Traditional Hackers: Glory Hounds

16 Akamai Confidential©2011 Akamai Bitcoin

17 Akamai Confidential©2011 Akamai Let’s hold somebody ransom (the actual ransom note) Your site www.#####.de will be subjected to DDoS attacks 100 Gbit/s. Pay 100 btc(bitcoin) on the account 1ACFJHoB8Z3KDwDn6XdNTEJb6S7VsQiLZG Do not reply to this email

18 Akamai Confidential©2011 Akamai BitCoin – The attack

19 Akamai Confidential©2011 Akamai Akamai’s response

20 Akamai Confidential©2011 Akamai FBI Attack Warning The Tip -> The Response -> The Result ->

Download ppt "Akamai Confidential©2011 Akamai. In the Cloud Security Highlighting the Need for Defense-in-Depth R. H. Powell IV Director, Government Solutions CISSP."

Similar presentations

Palo Alto Networks Jay Flanyak Channel Business Manager

Palo Alto Networks Jay Flanyak Channel Business Manager
Introduction and Overview of Digital Crime and Digital Terrorism

Introduction and Overview of Digital Crime and Digital Terrorism
1 Schulte Research War of words with SAIC (State Administration for Industry and Commerce) Source: SCMP, ifeng, New York Times, Financial Times, Schulte.

1 Schulte Research War of words with SAIC (State Administration for Industry and Commerce) Source: SCMP, ifeng, New York Times, Financial Times, Schulte.
Akamai DNS Offerings RSA © Conference 2013. ©2013 AKAMAI | FASTER FORWARD TM Akamai DNS Solutions Enhanced DNS (eDNS) Scalable, outsourced, DNS solution.

Akamai DNS Offerings RSA © Conference ©2013 AKAMAI | FASTER FORWARD TM Akamai DNS Solutions Enhanced DNS (eDNS) Scalable, outsourced, DNS solution.
ELOC Bank Table Top Exercise Executive Leadership of Cybersecurity Austin, TX December 3, 2014 1.

ELOC Bank Table Top Exercise Executive Leadership of Cybersecurity Austin, TX December 3,
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? The premeditated, politically motivated attack against information, computer systems,

DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
Akamai Confidential Web targeted DDoS attack: trends, tools and tactics Christiaan Ehlers, Senior Service Consultant – Akamai Technologies.

Akamai Confidential Web targeted DDoS attack: trends, tools and tactics Christiaan Ehlers, Senior Service Consultant – Akamai Technologies.
The development of Internet A cow was lost in Jan 14th 2003. If you know where it is, please contact with me. My QQ number is 87881405. QQ is one of the.

The development of Internet A cow was lost in Jan 14th If you know where it is, please contact with me. My QQ number is QQ is one of the.
Information Security Overview in the Israeli E-Government April 2010 Ministry of Finance – Accountant General E-government Division.

Information Security Overview in the Israeli E-Government April 2010 Ministry of Finance – Accountant General E-government Division.
Cyber Crime Game Players By Marharyta Abreu & Iwona Sornat.

Cyber Crime Game Players By Marharyta Abreu & Iwona Sornat.
Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved. 4025 W. Peterson Ave. Chicago, IL 60646-6085.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL
Radware DoS / DDoS Attack Mitigation System Orly Sorokin January 2013.

Radware DoS / DDoS Attack Mitigation System Orly Sorokin January 2013.
The Way to Protect The Smartest Way to Protect Websites and Web Apps from Attacks.

The Way to Protect The Smartest Way to Protect Websites and Web Apps from Attacks.
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.

The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
Building Trust in Digital Online World Dr. Shekhar Kirani Vice President VeriSign India 5th June 2009 IBA Conference.

Building Trust in Digital Online World Dr. Shekhar Kirani Vice President VeriSign India 5th June 2009 IBA Conference.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Jeff Williams 2015.  Intro  Awesome Times  Security Briefing  Service with Security.

Jeff Williams  Intro  Awesome Times  Security Briefing  Service with Security.
McGraw-Hill © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 8 Threats and Safeguards Chapter 8 PROTECTING PEOPLE AND INFORMATION Threats.

McGraw-Hill © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 8 Threats and Safeguards Chapter 8 PROTECTING PEOPLE AND INFORMATION Threats.
Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.

Global Information Security Issues According to the E&Y Global Survey, Managers Say the Right Thing… –90% of 1400 companies surveyed in 66 countries say.

Similar presentations

Ads by Google