Remote working has exacerbated the risk of an email data breach even more for Microsoft users, with 67% of IT leaders reporting an increase in data breaches due to working from home, versus just 32% of IT leaders whose organisations aren’t using Microsoft 365. Looking to the future, 76% of IT leaders report that remote and hybrid working will make it harder to prevent email data loss from Microsoft 365, compared to 40% of those not using it.
400% Increase in OpenVPN Attacks and 86% rise in short duration floods while the risk of a repeat attack within a week grows by two thirds
AMERSHAM, England: Corero Network Security, a leading provider of real-time, high-performance, automatic Distributed Denial of Service (DDoS) cyber defense solutions, has published the latest edition of its annual DDoS Threat Intelligence Report, which compiles the latest trends, observations, predictions, and recommendations based on DDoS attacks against Corero customers during 2020.
The report, now in its 6th year, highlights that DDoS threats are growing in sophistication, size, and frequency. Yet 2020 also reveals changes in attacker behaviour during the pandemic, including a year-over-year increase of nearly 400% in the use of OpenVPN reflections as an attack vector.
As report co-author Ashley Stephenson of Corero explains, “OpenVPN as a reflection DDoS vector is bad news for the victim being attacked but also for the organisation whose OpenVPN infrastructure is being used to launch the attack, as their remote workers will suffer from a degraded, or possibly unusable, service, impacting productivity and, potentially, business continuity.”
The report also finds a 70% growth in DDoS attacks over 10Gbps as high packet rate attacks grew overall during 2020, compared to slight declines in 2019. The report suggests this is due to the increasing shift to 100Gbps Internet connectivity and is accompanied by a trend indicating more everyday DDoS attacks larger than 10G. The frequency of repeat attacks also grew, with a 68% increase in organisations experiencing a second attack within a week.
However, the report does have some constructive recommendations regarding DDoS defense. “With a 2020 estimate that 99% of observed attacks are coming in below link saturation, there is a real opportunity to detect and block many DDoS attacks in real time without requiring expensive and time-consuming traffic redirection to cloud solutions,” says Ashley. “This means that most attacks can be addressed by on-premises solutions without the disruption, risk or cost of re-routing customer traffic across the Internet to third party scrubbing centers.”
Looking towards 2021, Ashley believes that the data from the report shows that DDoS attacks and threats are not going away anytime soon. “Once again we are reporting a net increase in the number of unique DDoS attack vectors seen in the wild and in the level of year-over-year DDoS activity,” he says. “The specific example of the mid-year FBI alert regarding the malicious use of built-in network protocols for DDoS attacks demonstrates that development of new vectors is inevitable. Yet our data shows that these exploits were already being used in attacks before the FBI alert and their use continues to grow to this day. Prevention is an impractical strategy; detection and mitigation continue to be the only defense.”
As the trend towards short duration, high intensity attacks using multiple vectors continues, Ashley advises that “…as organisations plan their strategy for effective DDoS protection, the relationship between time-to-mitigation and potential downtime is a vital consideration. Organisations must consider that the typical time to swing traffic to cloud DDoS protection means the attack is often already over and the damage may be done.”
Passwordless solution provider invests heavily in Europe with new hires and new Frankfurt data centre
LONDON: Passwordless identity management provider Beyond Identity has announced its expansion into Europe with a series of new hires to its sales, marketing and engineering teams, as well as a new Frankfurt data centre.
Innovative automated threat detection, investigation and response (TDIR) products illuminate industry’s first use case-driven, prescriptive and outcomes-based security solutions
Exabeam, the security analytics and automation company, today announced Exabeam Fusion XDR and Exabeam Fusion SIEM, two new powerful cloud-delivered security products that efficiently solve threat detection, investigation and response (TDIR) without disrupting an organisation’s existing technology stack. Exabeam Fusion products integrate market-leading behavioural analytics and automation capabilities to deliver the industry’s first outcomes-based approach to security operations (SecOps). The Fusion product line showcases an open system approach to extended detection and response (XDR) and security information and event management (SIEM) enabling any organisation to acquire an advanced TDIR layer on top of existing IT and security stacks. Exabeam is also announcing the general availability of its TDIR Use Case Packages that are integrated into Fusion XDR and Fusion SIEM.
About Vigilance
Vigilance is the brainchild of a group of veteran journalists and international scholars who have worked in the mainstream media and distinguished themselves nationally and internationally before veering into security practice.