Internet Security Solutions Against DDoS Attacks

A Denial of Service (DoS) attack uses one computer and one Internet connection to make a targeted resource or system unavailable. A Distributed Denial of Service (DDoS) attack, by contrast, is a type of DoS attack in which many compromised systems (often infected with a Trojan) are used to target one system so that its online service becomes unavailable. Both the targeted system and all of the systems maliciously deployed and controlled by the hacker become victims of a DDoS attack.

Internet Security – How Does a DDoS Attack Work

When a DDoS attack occurs, an online service becomes unavailable because the incoming traffic from multiple sources overwhelms the victim. As a result, blocking a single IP address may not be enough to contain an attack. Moreover, it is often very difficult to differentiate between legitimate user traffic and attack traffic, especially when it is spread across many points of origin.

Perpetrators of DDoS attacks target sites as well as services that are hosted on high-profile servers such as those of banks, news websites, credit card payment gateways, etc.

Internet Security – Types of DDoS Attacks

DDoS attacks are of different types. They commonly include the following:

Traffic attacks

In these attacks, huge volumes of TCP, ICMP and UDP packets are sent to the target system. This results in a loss of legitimate requests. Often malware exploitation forms part of these attacks.

Bandwidth attacks

This type of DDoS attack involves overloading the target system with a large amount of junk data. This leads to a loss of network bandwidth.

Application attacks

These attacks deplete application-layer resources, which in turn makes services unavailable to the victim.

Internet Security – DDoS Attacks Are Turning Out to be Increasingly Problematic

DDoS attacks are becoming increasingly problematic as they have the ability to take a person or business offline. Hackers make use of such attacks to render sites inaccessible and as a ploy to extort money from the users of target systems. Victims of a DDoS attack often suffer serious losses as it becomes difficult to process online transactions. This also results in prospective customers moving over to the victim’s competitors.

Further, the bot technology used by hackers for executing these attacks continues to improve as many of them have been able to overcome different forms of bot-detection techniques that have been employed.

Though the average duration of DDoS attacks has reduced, they are being used more frequently now. Hackers are adopting a hit-and-run approach to DDoS attacks (multiple short attacks are launched instead of prolonged single attacks) so that detecting and defending against an attack becomes difficult.
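Why short bursts are hard to detect, shown as an added example that is not part of the original article: the same alert threshold is applied to a long and a short averaging window. The traffic series, the threshold of 500 requests per second and the window sizes are constructed assumptions.

```python
from collections import deque


def build_series(length=900, baseline=100, burst_rate=2000,
                 bursts=((120, 20), (400, 20), (700, 20))):
    """Constructed per-second request counts: steady baseline plus short bursts."""
    series = [baseline] * length
    for start, duration in bursts:
        for t in range(start, start + duration):
            series[t] = burst_rate
    return series


def alert_seconds(series, window, threshold):
    """Seconds at which the mean rate over the last `window` seconds exceeds threshold."""
    recent, total, alerts = deque(), 0, []
    for t, count in enumerate(series):
        recent.append(count)
        total += count
        if len(recent) > window:
            total -= recent.popleft()
        if len(recent) == window and total / window > threshold:
            alerts.append(t)
    return alerts


def episodes(alerts):
    """Collapse consecutive alerting seconds into (first, last) episodes."""
    out = []
    for t in alerts:
        if out and t == out[-1][1] + 1:
            out[-1] = (out[-1][0], t)
        else:
            out.append((t, t))
    return out


SERIES = build_series()   # 15 minutes of traffic with three 20-second bursts
THRESHOLD = 500           # assumed alert level: five times the baseline rate

if __name__ == "__main__":
    # The 5-minute average never crosses the threshold; the 10-second one
    # reports each burst as a separate episode.
    print("300 s window:", episodes(alert_seconds(SERIES, 300, THRESHOLD)))
    print(" 10 s window:", episodes(alert_seconds(SERIES, 10, THRESHOLD)))
```

A monitoring interval longer than the bursts dilutes them into the baseline, so the averaging window has to be sized to the shortest attack worth alerting on.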

Internet Security – How Can Businesses Protect Themselves against DDoS Attacks

In recent times, there has been a surge in cyber-attacks and Internet security breaches. Cyber-gangs like DD4BC and Lizard Squad have been instrumental in bringing down bank, media and gaming networks through DDoS attacks. As these Internet security attacks become more complex, some of the steps that organizations can take to mitigate threats and protect assets include the following:

The black-holing or sinkholing approach involves blocking all traffic by diverting it to a black hole where it is discarded. Further, routers can be configured to prevent simple ping attacks. This is achieved by filtering out protocols that are not essential and blocking invalid IP addresses. Firewalls can be used to shut off a specific flow related to an attack.
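The filtering steps described above, expressed as one decision function and run over a few packet records. This is an added example, not code from the original article; the blackholed address, the blocked flow, the essential-protocol set and the sample packets are constructed assumptions, with 198.51.100.0/24 and 203.0.113.0/24 standing in for public addresses.

```python
import ipaddress
from collections import Counter

# Source ranges that are never valid on an Internet-facing interface.
INVALID_SOURCES = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]
ESSENTIAL_PROTOCOLS = {"tcp", "udp"}    # assumed: ICMP echo is not needed here
BLACKHOLED = {ipaddress.ip_address("203.0.113.10")}  # assumed null-routed address
BLOCKED_FLOWS = {("198.51.100.7", "203.0.113.20", "udp", 53)}  # assumed flow


def decide(pkt):
    """Return (action, reason) for one packet record, checked in order."""
    src = ipaddress.ip_address(pkt["src"])
    dst = ipaddress.ip_address(pkt["dst"])
    if dst in BLACKHOLED:
        return "drop", "blackhole"      # discards legitimate traffic as well
    if any(src in net for net in INVALID_SOURCES):
        return "drop", "invalid-source"
    if pkt["proto"] not in ESSENTIAL_PROTOCOLS:
        return "drop", "non-essential-protocol"
    if (pkt["src"], pkt["dst"], pkt["proto"], pkt["dport"]) in BLOCKED_FLOWS:
        return "drop", "blocked-flow"
    return "accept", "ok"


# Constructed sample packets, one per rule plus one that passes.
SAMPLE = [
    {"src": "198.51.100.5", "dst": "203.0.113.20", "proto": "tcp", "dport": 443},
    {"src": "10.1.2.3", "dst": "203.0.113.20", "proto": "tcp", "dport": 443},
    {"src": "198.51.100.9", "dst": "203.0.113.20", "proto": "icmp", "dport": 0},
    {"src": "198.51.100.7", "dst": "203.0.113.20", "proto": "udp", "dport": 53},
    {"src": "198.51.100.5", "dst": "203.0.113.10", "proto": "tcp", "dport": 443},
]


def summarize(packets):
    """Count decisions by reason over a batch of packet records."""
    return Counter(decide(p)[1] for p in packets)


if __name__ == "__main__":
    for p in SAMPLE:
        print(p["src"], "->", p["dst"], p["proto"], decide(p))
```

The last sample packet comes from the same client as the first, accepted one, yet it is dropped because its destination is blackholed: the black hole removes attack load at the price of taking that address offline for everyone.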

Intrusion-detection systems that work in conjunction with firewalls have also been found to be useful in protecting businesses against DDoS attacks. Moreover, configuring server applications in a proper manner helps to minimize the effect of an attack. Further, use of DDoS mitigation appliances or redundant network devices and buying excess bandwidth can be of help in handling DDoS attacks.

All these approaches may be helpful, but are not fool-proof. Therefore, a better approach, as far as Internet security is concerned, would be to make use of a managed DNS service that is cloud based. This is because such a service is manned by dedicated experts with networks around the globe. This ensures web presence of the business and the availability of its critical web services at all times. Creating a backup also improves availability and performance of websites. For example, deploying websites at additional leased data centers or cloud services located across the globe improves the global reach of businesses.

Government Websites Converting To HTTPS For Internet Security

The American government, through the White House Office of Management and Budget (OMB), has finalized its strategy for adopting an HTTPS-Only Standard for all its publicly accessible web services and federal sites. This strategy is meant to establish a robust new baseline for Internet security and user privacy across all APIs and government websites. It takes the form of a new formal memorandum to all executive agencies. The OMB opened the proposal to the public for comments and has so far received a great many. The US government is not alone in proposing this strategy, as other Internet bodies are calling for an Internet that is encrypted by default. In fact, the Firefox and Chrome browsers, which carry the highest amounts of traffic, also support the idea of migrating from plain HTTP to HTTPS. This is how the US government is changing to HTTPS for improved Internet security.

The US government has come up with a memorandum that requires all federal agencies to deploy their domains following a set of guidelines. These guidelines are practical and reasonable for efficient deployment of HTTPS. For newly developed sites and web services, the memorandum requires that all federal agency domains and sub-domains adhere to the policy. Existing sites are obliged to set priorities based on risk analysis. Sites that involve the exchange of personal information, identity, and other sensitive data, and those that experience high traffic levels, should migrate immediately.

The unencrypted HTTP protocol exposes user data to interception, alteration, tracking and eavesdropping. A majority of the federal sites in the US use the open HTTP protocol, which creates a privacy vulnerability through exposure to Internet security threats. To address this, the US government wants such websites to adopt HTTPS-Only policies to protect the privacy of all visitors to their sites. The conversion is expected to begin now so that they can adapt to the fast-paced Internet security landscape. This proactive strategy of the government will support broad Internet adoption as well as promote better adoption of privacy standards by the federal sites.

The US government also requires federal agencies to make all existing sites and web services accessible via a secure Internet connection, i.e. HTTPS, by December 31, 2016. Intranets are also being encouraged to use HTTPS. So far, the government has come up with a public dashboard that will aid in monitoring how these sites progress in adopting HTTPS. According to recent reports, about a third of the sites have adopted HTTPS, although the degree of Internet security varies. The existence of the dashboard and of security grading suggests that federal sites looking to upgrade to HTTPS should aim for the top level of security. The OMB expects that the move will eliminate the common pitfall of inconsistency in deciding which content should be secured and which should not.

The OMB affirms that though the adoption of HTTPS-Only standard comes with a cost, it is going to be outweighed by the Internet security benefits that come with it. The cost of procuring a certificate coupled with admin and maintenance cost will vary based on the technical infrastructure and size of a site. The timeline that the OMB has provided in the memorandum is enough for the responsible parties to adjust and adopt it.

All browsing activities by Internet users will be considered sensitive and private. This step is going to foster stronger privacy and improve the confidence of the people in their government. There has perhaps not been much consistency among the federal sites that use HTTPS, which leaves most Americans vulnerable to online threats. This step of providing a private browsing experience to the people will therefore position the government as the trusted leader in Internet security.

Internet Security Threats Other Than Cyber-Attacks

Cyber-attacks have been on the rise and they have negatively affected many big companies. TalkTalk is one of the recent victims, with personal data of about 4 million of its customers stolen. However, studies conducted on online security showed that there is a bigger risk to online security than cyber crime.

The Department for Business, Innovation and Skills (BIS) commissioned PricewaterhouseCoopers (PwC) to conduct a survey on incidents of cyber security across companies in the UK. The survey was aimed at creating awareness among UK businesses of the risks and key trends. PwC released a report which showed that staff-related security breaches have risen to 75%. The previous year, only 58% of large companies were affected. Small businesses were not left out, as 31% also suffered staff-related security breaches. This is an increase from the previous year, when only 22% of small businesses were affected.

Businesses that took part in the survey were questioned about the worst breach they had suffered and 50% of them said their worst breaches were caused by human error. This is an increase from the 31% that was recorded the previous year. The cost of these incidents has also doubled causing some to change the nature of their businesses. The report also stated that incidents of human error were “near certainty.” They advised businesses to ensure their defenses kept pace with the Internet security threats.

Apart from PwC, CheckRecipient also conducted its own research. CheckRecipient is a cyber security company that works with law firms in the UK to ensure sensitive information is not emailed to the wrong person. The report showed that in 2014, 9% of the data security incidents reported were the result of human error. This is higher than intentional cyber espionage, which accounts for 0.8% of the data security incidents. The CEO of CheckRecipient, Tim Sadler, was surprised that not much attention was being given to the inside Internet security threat faced by most companies.

Security breaches caused by human error can be categorized into 3 parts and PwC reported on how each part was affected. They include:

1. Breach of laws and regulations that govern data protection. In 2014, 45% of such incidents occurred while in 2015, the incidents increased to 57%.

2. Unauthorized access to systems or data. 57% of such incidents occurred in 2014 but in 2015, they rose to 65%.

3. Loss or leakage of financial information. These incidents rose from 55% in 2014 to 66% in 2015.

Morrisons is one of the companies that suffered an incident related to the loss of personal data. Andrew Skelton, who was a senior internal auditor in the head office at Bradford, was disciplined for conducting eBay deals using the company’s postroom. Due to this, he got through company controls, then obtained and leaked data that contained dates of birth, national insurance numbers, bank account details and salaries of nearly 100,000 employees. The information was sent to various newspapers. He was later sentenced to 8 years in jail. It cost Morrisons more than 2 million pounds to deal with the problem.

Despite the company’s efforts and Andrew Skelton being jailed, some 2000 current and former employees of the company have sued the company due to the leaked information claiming that the company had the responsibility of keeping such information confidential. Morrisons refused to accept liability for the actions of Andrew Skelton. The spokesman of the company also said the company was not aware of anyone who suffered financial loss from the breach.

In PwC’s report, it was noted that some of the Internet security incidents were the result of giving low priority to security, poorly understood Internet security policies and a failure to brief company boards on security risks. Companies that had faced such problems suffered more security breaches compared to those that gave Internet security high priority, trained their staff on Internet security and briefed the board of the company about any security risks the company faces.

As Internet security threats increase due to human error, both small and large companies should focus on dealing with this Internet security threat first as it costs a lot of money to control the damage. After that, other Internet security threats can be focused on.