Security & Mobility Now
Security is top-of-mind everywhere, especially right here where Juniper experts share their thoughts on the latest security breakthroughs and product advancements
KyleAdams

Deconstructing Web Attack Trends in 2012

by Juniper Employee ‎02-24-2013 09:01 PM - edited ‎02-22-2013 10:33 AM

What do Wells Fargo, Tumblr and GoDaddy all have in common? Over the last year, they were all victims of targeted web attacks. Although these types of high-profile attacks made breaking headlines and received widespread mainstream media coverage, there are still very few breaches where the full details of the attacks emerge for public analysis and deeper understanding. So we decided to break down three of the major types of attacks we saw in the last year. This is by no means comprehensive, but certainly gives food for thought.

 

Distributed denial of service (DDoS) was a popular technique. The Islamist group Izz ad-Din al-Qassam used it against the websites of Bank of America, JPMorgan Chase, Wells Fargo, U.S. Bank and PNC Bank, pointing thousands of high-powered application servers at the targeted banks. Due to the volume of traffic to these sites, this attack doubled the previous record for the worst denial of service attack. The same technique was used by Anonymous to attack GoDaddy’s website and bring down one of the world’s largest Internet domain registrars and web hosts.

 

DDoS attacks are, in effect, simple and unsophisticated, easy to execute, relatively inexpensive to organize, and more of a nuisance or protest than a true security breach. They are a method to exhaust the resources of the website’s infrastructure and effectively “occupy the building” of the organization’s website. Put another way, imagine organizing a flash mob to fill the entire shop floor of a department store so that nobody could move within the store. Nobody could purchase anything, real customers could not gain access, and the business would be damaged: a denial of service for a brick-and-mortar retail store.

 

Breaches like those that compromised LinkedIn, eHarmony and Lastfm.com users, when millions of encrypted passwords were hacked and posted on a Russian hackers’ Internet forum, prove that SQL injection attacks are still a problem, even for security-focused organizations.

 

A trend in recent attacks, like the one on Tumblr, shows that attackers are becoming more sophisticated and are reaching for newer, more creative and increasingly advanced techniques. The reason for this is that much of the low-hanging fruit for more basic attacks is drying up, and as applications become more complex, new attack vectors exploiting the applications themselves are being developed.

 

The world of hacking is becoming more sophisticated. It is safe to assume that there is a finite group of malicious hackers exploiting websites and web applications around the globe, but there is no clear picture of where they are located, what they are attacking and what techniques they use.

 

This week at RSA, we are announcing a new strategy to protect against these increasingly popular types of attacks in a much more definitive way. Our new set of products will provide better protections against web-based attacks and DDoS attacks on the datacenter, with more definitive intelligence about attackers.

Comments
by Muhammad Haider Ali(anon) on ‎02-26-2013 11:24 PM

Dear Kyle,

I hope you are well.

 

As you mentioned above, the trend of hacking / hijacking / injection is now being changed. I have also gone through your www.youtube.com video for Mykonos.

I am concerned about how Mykonos web security deals with the XSS and XSRF injection. As this is initiated from the victim's browser, how will it be detected by the Mykonos Web security, and after detection, how will it be deceiving the attacker?

 

As far as I understand the technology behind the Mykonos, it works perfectly if anything is modified in the return code. But if any hacker is injecting anything from the victim's browser and not modifying the tar trap, how does Mykonos understand and deal with it?

 

Your help in this regard will be highly appreciated.

 

Thanks

 

Regards

 

Muhammad Haider Ali


 
