If you follow my postings on all things malicious, which unfortunately have become a dominant subject in recent weeks, you are aware of my delight in gleaning new insights from subject matter experts. In perusing the now almost daily flow of information on bad guy activities—who they are attacking, the impact, user reactions, estimated cost of being out of service, tools of mayhem being employed, frequency and sophistication, recommended defenses, etc.—it got me to wondering if there were any days when certain entities and assets were most vulnerable to being attacked.
It is easy to understand attacks. This is especially true of pernicious denial of service attacks (DoS), of either the straight or the even more malevolent distributed (DDoS) kind, which are aimed to shutting down things like retailers, government agencies, and media outlets. In fact, the picture tends to become very clear when the perpetrators gloat about their exploits. However, such attacks seem random in terms of timing. Some of this is likely because of when and how they are reported including the fact that such attacks can go undetected for long periods of time, and or are not serious enough to do anything except make the Internet seem slow and thus make those under attack shy about reporting them.
With this question my “inquiring minds want to know” list, I was intrigued by recent research from applications delivery and security company Radware. Timed wisely to be just in front of the painful 9/11 date here in the U.S., which has been a date now saturated with rumors about coordinated attacks from the Middle East, Radware’s analysis revealed there is a direct correlation between important dates and increases in DoS attacks.
The most significant ones actually are kind of obvious due to the nature of the dates and hence who would be targeted. The top ones are in no rank order:
Hackers also like to obviously disrupt specific business sectors based on contextual awareness and thus use the big shopping dates to target retailers, and credit card companies, for example.
Just as an aside, comedian Woody Allen once remarked about his being highly disturbed in August in New York because that was when all the psychiatrists were on vacation. Based on observation as to why industry events in the U.S. are not held in August, and I am not saying this as encouragement to the hackers, that month seems to be one when the troops and not necessarily the generals are manning the barricades.
"Timing is an extremely influential risk-factor for cyber attacks throughout the year," said Carl Herberger, vice president of security solutions for Radware. "Hackers capitalize on overwhelming their target's environment on days of great importance and look to exploit vulnerabilities that cause the most detriment. Because these types of assaults show no signs of slowing, it's crucial that businesses implement anticipatory security measures in preparation of these peak times so that networks and data centers are able to properly detect and defend against sophisticated threats."
Based on the fact that we are heading into what could be characterized as a “target rich” time of the year for dates on which to perform one or both type of mayhem, Radware says the correlation not only should be taken seriously but should be dealt with proactively with a sense of urgency.
The company is therefore recommending five foundational and common sense steps that can be taken immediately by network administrators and security professionals to defend and prepare their networks during these at-risk times of the year:
I have said this before and it bears repeating. Understanding where your organization is vulnerable, and specifically on what days it might be most vulnerable, is the best way of formulating a strategy for mitigating risks. The steps above may seem almost mundane, but unfortunately it might surprise you how many entities do not do all of the above.
The only thing I would add to the list is have a good crisis management plan in place. As recent events have shown, stuff is going to happen, and the biggest hit to your organization’s reputation is not necessarily the dollars lost during a breach or outage but how well you keep customers informed as to what is happening. Forgiveness is becoming a scarce resource as more and more problems come to light, and how to explain things and treat customers now also has a sense of urgency as part of security planning.
Image via Shutterstock
I am going to admit to being surprised by the U.S. Federal Communications Commission's (FCCs) Open Internet decision. FCC Chairman Tom Wheeler's new n…
After months of debate and the collection of comments from four million Americans, the Federal Communications Commission today voted on - and approved…
In what could be a match made in cord cutter heaven, Frontier Communications said it will bundle the TiVo Roamio OTA DVR with its high-speed data serv…
Ever since computers started connecting to each other, people have been thinking about how to keep information on them secure. As the Internet evolved…
Over the past few months, there has been a lot of uncertainty surrounding the broadband industry in the United States due to Title II reclassification…