Somebody always has something to gain from a distributed-denial-of-service (DDoS) attack. A DDoS hit is carried out by a bot computer or hacker sending a large amount of innocent-looking traffic to a Website. All it takes are a few thousand requests per second to kill most of today's application stacks. If there is just an order of magnitude more, even the servers could buckle and crash the site. This is relatively easy to generate but extremely hard to separate between the DDoS traffic and the legitimate user traffic. One of the first DDoS attacks, in which hackers paralyzed systems with excess traffic, took place 13 years ago and was used purely as a method of extortion. Since then, DDoS attacks have become ubiquitous and are used in everything from social and political protests to business-to-business transactions. What was once a nuisance is now a mature threat that companies must reckon with. Leveraging case-study analysis of attacks over the last decade, the following slide show is a timeline demonstrating how DDoS attacks have shifted and how this will affect business moving forward. Key insight for this eWEEK slide show comes from Paul Bristow, senior director of the security business unit at Juniper Networks, and eWEEK reporting.
Security researchers link a cyber-attack on a Norwegian telecommunications carrier to India's IP space and to potential nation-state espionage.
NEWS ANALYSIS: The Chinese Army added to its cyber-warfare arsenal and is attacking U.S. networks that haven't been strengthened since the last attacks.
NEWS ANALYSIS: While Google Glass isn't sold to the general public yet, one congressional group is concerned how Google plans to meet privacy requirements.
Almost 290,000 cases of fraud were filed with the Internet Criminal Complaint Center in 2012, almost 40 percent of which had some form of fraud loss.
By adding a large number of fake entries, or "honeywords," to the password database, researchers believe they can better detect attacks.
Enterprises are now facing a wide range of cyber-security threats that target their infrastructure, applications, operations and even employees. As more companies put their business information online, there is an enlarging attack surface for hackers looking to access company Websites and IT infrastructure. Disturbingly, most attacks today are carried out automatically using an army of bots that are not targeting specific companies. Hackers instead are trying to reach as many Websites as possible to maximize their botnet ROI, and any company, big or small, is a target. With the rapid evolution of online threats, more cloud-based managed services are becoming a part of the enterprise security strategy. The benefits of mitigating threats at the perimeter, having security experts on your side, and not having to deal with updates, maintenance and other operational aspects are appealing to IT managers—even if they have an in-house security team. We examine these issues in this slide show, put together with resources from Eldad Chai, director of product management at Incapsula, and eWEEK reporting.
McAfee looks to extend security to multiple devices with LiveSafe, which will be available in June.
NEWS ANALYSIS: At its Sapphire Now conference, SAP announced mobile security products based largely on partnerships and offered in a cloud-based environment.
Microsoft announced its support for an international standard on secure software development, while an industry group offered a free training program for developers.
Backed by its own survey data, Microsoft asserts that consumers value their online privacy. Will Web services providers heed the warning?
REVIEW: eWEEK tried out NCP's Secure Enterprise VPN Client for Android, a new entry in the space of VPN clients for mobile devices.
The Pentagon spotlights China for sanctioning cyber-espionage, and Congress proposes a bill to block the import of products using stolen technology.
Authorities say that the defendants were members of a group that orchestrated the hacks of financial institutions around the world as well as the theft of millions.
SUPERAntiSpyware (SAS) for Business features a central management console for deploying and managing Support.com's client software on enterprise desktops.