In the Cloud Security

In the Cloud Security. Highlighting the Need for Defense-in-Depth. R. H. Powell IV Director, Government Solutions CISSP Rpowell@Akamai.com W: 703.621.4029 M: 703.867.5899. Headlines You May Have Seen. Online attack hits US government Web sites (7 Jul 09)

Presentation Transcript


  1. In the Cloud Security: Highlighting the Need for Defense-in-Depth. R. H. Powell IV, Director, Government Solutions, CISSP. Rpowell@Akamai.com W: 703.621.4029 M: 703.867.5899

  2. Headlines You May Have Seen
     • Online attack hits US government Web sites (7 Jul 09)
     • Twitter DDoS Attack Politically Motivated, Says Report (7 Aug 09)
     • With botnets everywhere, DDoS attacks get cheaper (15 Oct 09)
     • Hacker grinches launch DDoS attack against Amazon (29 Dec 09)
     • Carriers and ISPs fear rise in DDoS attacks in 2010 (20 Jan 10)
     • Chinese Human Rights Sites Hit by DDoS Attack (25 Jan 10)
     • Chinese ISP Momentarily hijacks the Internet (again) (8 Apr 10)
     • The Internet Goes to War (14 Dec 10)
     • Anonymous Launches DDoS Attacks on Sony (06 Apr 11)
     • Biggest Series of Cyber-Attacks in History Uncovered (03 Aug 11)
     • Hackers Target Mexico Government Websites (15 Sep 11)
     • Anonymous Threatens to ‘Erase NYSE from the Internet’ (3 Oct 11)
     • LulzSec Hacker Group Claims Attack on US Senate Website (5 Oct 11)
     • Canadian ISP Website – SQL Injection Vulnerability (5 Oct 11)

  3. Headlines You DID NOT See
     • Independence Day Attacks Paralyze the U.S.
     • Financial & Government Websites Attacked and Taken Down: Stocks Show Concerns
     • President Delays Trip Due to Cyber Attacks

  4. The Threat is Real
     • DDoS is the #1 Preferred Method of Attack (TrustWave 2011)
     • 74% of surveyed companies experienced one or more DDoS attacks in the past year, 31% of these attacks resulting in service disruption – Forrester Research
     • LulzSec, Anonymous declare war on government websites: Hacker groups call for stealing, leaking classified information (By Kevin McCaney, Jun 20, 2011)

  5. Akamai Attack Trends in 2011
     • Total DDoS attack volume against Akamai customers is growing 100% 2010 – 2011 (2011 volume is projected based on actuals through September)
     • Average attack sizes are in the 3-10 Gbps range
     • Attacks are originating from all geographies and are moving between geographies during the attack
     • "The Akamai network saw more DDoS attacks in the fourth quarter of 2010 than in the first three quarters of the year combined" – Tom Leighton, Chief Scientist, Akamai Technologies

  6. Why? Political Hacktivism • Extortion / Theft • State Sponsored • Traditional Hackers: Glory Hounds

  7. Why? Political Hacktivism • Extortion / Theft • State Sponsored • Traditional Hackers: Glory Hounds

  8. July 4th DDoS Attack Timeline: Distributed, Agile and Multi-Phased Attack
     • Protected Akamai Customers from Effects
     • Absorbed: 1M+ Hps; 200+ Gbps; 300k+ Attack IPs
     • Denied the Attacker Effects on Targets
     • Maintained Customer Brand Integrity
     • Provided Near Real-Time SA & Alerting
     • Provided Analysis to US Cyber Officials
     • Akamai Provides Customers the Ability to “Fight Through” the Attack!
     • All Targeted Applications on the Akamai Platform Remained Available.
     • All Targeted Applications not on the Akamai Platform were Rendered Unavailable.
     • “The first list had only five targets — all U.S. government sites. A second list used by the malware on July 6 had 21 targets, all U.S. government and commercial sector sites, including e-commerce and media sites. A list on the 7th switched out some of the U.S. sites for ones in South Korea. …” - Joe Stewart, director of malware research at SecureWorks
     • “While Treasury Department and Federal Trade Commission Web sites were shut down by the software attack, which lasted for days over the holiday weekend, others such as the Pentagon and the White House were able to fend it off with little disruption” - New York Times

  9. Oct 5, 2011: Vulnerability Scanning Shut Down
     • Scanning triggers alerts
     • Offending requests are identified and denied <4hrs

  10. Why? Political Hacktivism • Extortion / Theft • State Sponsored • Traditional Hackers: Glory Hounds

  11. Holiday Season 2010 – DDoS Attacks: Attacked eCommerce Web Sites Protected by Akamai Averted $15M in Lost Revenue
     Peak Attack Time (GMT) and Times Above Normal Traffic, per PROTECTED customer:
     • Customer #1: 11/30 2PM; 9,095x
     • Customer #2: 12/1 2PM; 5,803x
     • Customer #3: 11/30 2PM; 3,115x
     • Customer #4: 12/1 1PM; 2,874x
     • Customer #5: 12/1 1PM; 1,807x
     Highly distributed international DDoS attacks from Asia-Pac, South America and Middle East

  12. Why? Political Hacktivism • Extortion / Theft • State Sponsored • Traditional Hackers: Glory Hounds

  13. Customer Telemetry – Q2 2011 During LOIC Attacks Average response time during attack: 0.87 seconds. Availability during the LOIC attack: 100%

  14. Why? Political Hacktivism • Extortion / Theft • State Sponsored • Traditional Hackers: Glory Hounds

  15. Bitcoin

  16. Let’s hold somebody ransom (the actual ransom note)
     • Your site www.#####.de will be subjected to DDoS attacks 100 Gbit/s.
     • Pay 100 btc(bitcoin) on the account
     • 1ACFJHoB8Z3KDwDn6XdNTEJb6S7VsQiLZG
     • Do not reply to this email

  17. BitCoin – The attack

  18. Akamai’s response

  19. FBI Attack Warning • The Tip -> • The Response -> • The Result ->
