The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre

Is the world in the midst of a cyber-war? If so, what are the implications?

In this presentation Carl Herberger, Radware's VP of Security Solutions, explores some of the most notable recent cyber-attacks and how many of the findings correlate with the tenets of warfare as defined in The Art of War by Sun Tzu, the ancient military general, strategist and tactician.

How should organizations be preparing for an information security landscape that is shaped by ideologically motivated cyber warfare rather than just opportunistic cyber-crime? Learn the techniques being employed to safeguard IT operations in a theatre that is witnessing ever more sophisticated attacks.

For more on how to detect, mitigate and win this cyber war battle, download the 2013 Global Application and Network Security Report at http://www.radware.com/ert-report-2013/.

Published in: Business

  1. © Radware, Inc. 2014. The Art of Cyber War: Strategies in a rapidly evolving theatre. July 2014
  2. The Art of War is an ancient Chinese military treatise attributed to Sun Tzu, a high-ranking military general, strategist and tactician. It is commonly known to be the definitive work on military strategy and tactics, and for the last two thousand years has remained the most important military dissertation in Asia. It has had an influence on Eastern and Western military thinking, business tactics, legal strategy and beyond. Leaders as diverse as Mao Zedong and General Douglas MacArthur have drawn inspiration from the work. Many of its conclusions remain valid today in the cyber warfare era.
  3. Variation of Tactics 九變; The Army on the March 行軍; Illusion & Reality 虛實; The Use of Intelligence 用間; Laying Plans 始計
  4. Attack Vectors: Increasing Complexity
  5. 不戰而屈人之兵,善之善者也 To subdue the enemy without fighting is the acme of skill
      • Individual Servers: Malicious software installed on hosts and servers (mostly located at Russian and east European universities), controlled by a single entity by direct communication. Examples: Trin00, TFN, Trinity
      • Botnets: Stealthy malicious software installed mostly on personal computers without the owner’s consent; controlled by a single entity through indirect channels (IRC, HTTP). Examples: Agobot, DirtJumper, Zemra
      • Voluntary Botnets: Many users, at times as part of a Hacktivist group, willingly share their personal computers. Using predetermined and publicly available attack tools and methods, with an optional remote control channel. Examples: LOIC, HOIC
      • New Server-based Botnets: Powerful, well orchestrated attacks, using a geographically spread server infrastructure. Few attacking servers generate the same impact as hundreds of clients.
      Timeline labels: 2012, 1998 - 2002, 1998 - Present, 2010 - Present
  6. 不戰而屈人之兵,善之善者也 Current prices on the Russian underground market:
      • Hacking corporate mailbox: $500
      • Winlocker ransomware: $10-$20
      • Unintelligent exploit bundle: $25
      • Intelligent exploit bundle: $10-$3,000
      • Basic crypter (for inserting rogue code into benign file): $10-$30
      • SOCKS bot (to get around firewalls): $100
      • Hiring a DDoS attack: $30-$70/day, $1,200/month
      • Botnet: $200 for 2,000 bots
      • DDoS Botnet: $700
      • ZeuS source code: $200-$250
      • Windows rootkit (for installing malicious drivers): $292
      • Hacking Facebook or Twitter account: $130
      • Hacking Gmail account: $162
      • Email spam: $10 per one million emails
      • Email scam (using customer database): $50-$500 per one million emails
  7. 不戰而屈人之兵,善之善者也
  8. Attack Length: Increasing Duration
  9. 故善战者,立于不败之地 The good fighters of old first put themselves beyond the possibility of defeat. Sophistication (timeline axis: 2010, 2011, 2012, 2013):
      • Duration: 3 Days; 4 Attack Vectors; Attack target: Visa, MasterCard
      • Duration: 3 Days; 5 Attack Vectors; Attack target: HKEX
      • Duration: 20 Days; More than 7 Attack vectors; Attack target: Vatican
      • Duration: 7 Months; Multiple attack vectors; Attack target: US Banks
  10. Variation of Tactics 九變; The Army on the March 行軍; Illusion & Reality 虛實; The Use of Intelligence 用間; Laying Plans 始計
  11. 知彼知己,百戰不殆 If you know the enemy and know yourself, you need not fear the result of a hundred battles. Notable DDoS Attacks in the Last 12 Months
  12. 行軍: Colombia
      Battlefield: Colombia Government On-line Services
      Cause: Colombian Independence
      Battle: A large scale cyber attack held on July 20th - Colombian Independence Day - against 30 Colombian government websites.
      Result: Most web sites were either defaced or shut down completely for the entire day of the attack.
  13. 行軍: Colombia
      Attackers: Colombian Hackers
      • A known hacker collective group suspected as being responsible for several other cyber attacks in Colombia during 2012-13. The group was supported by sympathizers who use Twitter to communicate.
      Motivation: Ideological
      • Anti-government stance claiming to stand for “freedom, justice and peace.” Mantra: “We are Colombian Hackers, to serve the people.”
  14. 行軍: Colombia
      Web application attacks:
      • Directory traversal – web application attack to get access to password files that can be later cracked offline.
      • Brute force attacks on pcAnywhere service – looking for weak password protected accounts enables attackers to gain remote access to victim servers.
      • SQL Injection attacks – web application attacks to gain remote server access.
      • Web application vulnerability scanning
      • Application attacks: we have mainly seen HTTP Flood attacks
      Network DDoS attacks:
      • SYN floods, UDP floods, ICMP floods
      • Anomalous traffic (invalid TCP flags, source port zero, invalid L3/L4 header)
      • TCP port scans
  15. 行軍: Operation Ababil
      Battlefield: U.S. Commercial Banks
      Cause: Elimination of the Film “Innocence of Muslims”
      Battle: Phase 4 of major multi-phase campaign – Operation Ababil – that commenced during the week of July 22nd. Primary targets included: Bank of America, Chase Bank, PNC, Union Bank, BB&T, US Bank, Fifth Third Bank, Citibank and others.
      Result: Major US financial institutions impacted by intensive and protracted Distributed Denial of Service attacks.
  16. 行軍: Operation Ababil
      Attackers: Cyber Fighters of Izz ad-Din al-Qassam
      • Purported Iranian state sponsored hacktivist collective said to be acting to defend Islam
      Motivation: Religious Fundamentalism
      • “Well, misters! The break's over and it's now time to pay off. After a chance given to banks to rest awhile, now the Cyber Fighters of Izz ad-Din al-Qassam will once again take hold of their destiny. As we have said earlier, the Operation Ababil is performed because of widespread and organized offends to Islamic spirituals and holy issues, especially the great prophet of Islam(PBUH) and if the offended film is eliminated from the Internet, the related attacks also will be stopped. While the films exist, no one should expect this operation be fully stopped. The new phase will be a bit different and you'll feel this in the coming days. Mrt. Izz ad-Din al-Qassam Cyber Fighters”
  17. 行軍: Operation Ababil
      HTTP flood attacks:
      • Cause web server resource starvation due to overwhelming number of page downloads.
      Encrypted attacks:
      • SSL based HTTPS GET requests generate a major load on the HTTP server by consuming 15x more CPU in order to process the encrypted attack traffic.
      Massive TCP and UDP flood attacks:
      • Targeting both Web servers and DNS servers. Radware Emergency Response Team tracked and mitigated attacks of up to 25Gbps against one of its customers. Source appears to be Brobot botnet.
      DNS amplification attacks:
      • Attacker sends queries to a DNS server with a spoofed address that identifies the target under attack. Large replies from the DNS servers, usually so big that they need to be split over several packets, flood the target.
  18. 行軍: Operation Ababil. Event Correlation: Iranian Linked Cyber Attacks (timeline figure, Jul 2010 to Jul 2013; series: Parastoo, Iranian Cyber Army, al Qassam Cyber Fighters; labels: 22 Events, 1 Event). Source: Analysis Intelligence
  19. 行軍: Operation Ababil
      Challenge & Response Escalations:
      • Automatic Challenge mechanisms are employed by the Radware Attack Mitigation System to discriminate between legitimate traffic and attack tools
      • Phase 4 attackers implemented advanced mechanisms that emulated normal web browser users in order to circumvent mitigation tools
      • Necessitated the implementation of increasingly sophisticated challenge mechanisms that could not be supported by attack tools

      | Script | 302 Redirect Challenge | JS Challenge | Special Challenge |
      |---|---|---|---|
      | Kamikaze | Pass | Not pass | Not pass |
      | Kamina | Pass | Not pass | Not pass |
      | Terminator | Pass | Pass | Not pass |

  20. 行軍: Spamhaus
      Battlefield: Spamhaus
      Cause: Corporate Ideological Differences
      Battle: A nine-day assault that resulted in the largest recorded volumetric Distributed Denial of Service attack that peaked at over 300Gbps.
      Result: Spamhaus actually went down but claimed to have withstood the attack, though only with assistance from companies such as CloudFlare and Google. Given the scale of the attack and the techniques used, concerns were expressed that the very fabric of the internet could be compromised.
  21. 行軍: Spamhaus
      Attackers: CyberBunker?
      • Provider of anonymous secure hosting services
      Motivation: Retaliation against Spamhaus
      • CyberBunker, a provider of secure and anonymous hosting services, was blacklisted by Spamhaus, a non-profit anti-spamming organization that advises ISPs. It was claimed that CyberBunker was a 'rogue' host and a haven for cybercrime and spam organizations. Spamhaus alleged that CyberBunker, with the aid of "criminal gangs" from Eastern Europe and Russia, launched a DDoS attack against Spamhaus for “abusing its influence.”
  22. 行軍: Spamhaus
      Attack Method:
      • The attack started as a 10-80Gbps attack that was at first contained successfully; it began as a volumetric attack on layer 3 and peaked at 75Gbps on March 20.
      • During March 24-25 the attack grew to 100Gbps, peaking at 309Gbps.
      • No Botnet in use. Attackers were using servers on networks that allow IP spoofing in conjunction with open DNS resolvers.
      • Misconfigured DNS resolvers, with no response rate limiting, allow amplification of the attack by a factor of 50!
      • Nearly 25% of the networks are configured to allow spoofing instead of employing BCP38…
      • There are over 28 Million open resolvers in operation…
  23. 行軍: New York Times
      Battlefield: New York Times
      Cause: Syrian Conflict
      Battle: NYTimes Domain Name Server attack.
      Result: New York Times website taken offline for almost 2 hours as domain was redirected to Syrian Electronic Army servers.
  24. 行軍: New York Times
      Attackers: Syrian Electronic Army
      • Hackers aligned with Syrian President Bashar Assad. Mainly targets political opposition groups and western websites, including news organizations and human rights groups.
      Attacks: Spear Phishing & Directed DNS Attacks
      • Phishing attacks on Melbourne IT, the New York Times DNS registrar.
      • SEA hacked the NYT account and redirected the domain to its servers.
  25. Variation of Tactics 九變; The Army on the March 行軍; Illusion & Reality 虛實; The Use of Intelligence 用間; Laying Plans 始計
  26. 不可胜在己 Being unconquerable lies with yourself. Figure: components shown are Internet Pipe, Firewall, IPS/IDS, Load Balancer (ADC), Server, SQL Server; percentages shown are 26%, 25%, 8%, 11%, 22%, 8% and 27%, 24%, 8%, 4%, 30%, 5%.
  27. 不可胜在己

      | DoS Defense Component | Vulnerability Exploitation | Network Flood | Infrastructure Exhaustion | Target Exhaustion |
      |---|---|---|---|---|
      | Network Devices | No | No | Some | Some |
      | Over-Provisioning | No | Yes, bandwidth | Yes, infrastructure | Yes, server & app. |
      | Firewall & Network Equipment | No | No | Some | Some |
      | NIPS or WAF Security Appliances | Yes | No | No, part of problem | No |
      | Anti-DoS Box (Stand-Alone) | No | No | Yes | Yes |
      | ISP-Side Tools | No | Yes | Rarely | Rarely |
      | Anti-DoS Appliances (ISP Connected) | No | Yes | Yes | Yes |
      | Anti-DoS Specialty Provider | No | Yes | Yes | Yes |
      | Content Delivery Network | No | Yes | Yes | Limited |

  28. 不可胜在己 Proportion of businesses relying on CDNs for DDoS Protection: 70%
  29. 不可胜在己 Bypassing CDN Protection. Diagram labels: Botnet, CDN, Enterprise. Request shown: GET www.enterprise.com/?[Random]
  30. 不可胜在己 Cloud protection limitations. Diagram labels: Botnet, Cloud Scrubbing, Enterprise. Attack types shown: Volumetric attacks, Low & Slow attacks, SSL encrypted attacks
  31. 兵者 詭道也 All warfare is based on deception
      Threats: Universal DDoS Mitigation Bypass
      Source: BlackHat USA 2013
      Presenters: Nexusguard Ltd, NT-ISAC Bloodspear Labs
      Goal: Defeat all known mechanisms for automatic mitigation of DDoS attacks
      Authors: Tony T.N. Miu, Albert K.T. Hui, W.L. Lee, Daniel X.P. Luo, Alan K.L. Chung, Judy W.S. Wong
      Quoted excerpt: "We have extensively surveyed DDoS mitigation technologies available on the market today, uncovering the countermeasure techniques they employ, how they work, and [...] or CAPTCHA-based authentications being the most effective by far. However, in our research weaknesses were found in a majority of these sort of techniques. We rolled all our exploits into a proof-of-concept attack tool, giving it near-perfect DDoS mitigation bypass capability against almost every existing commercial DDoS mitigation solutions. The ramifications are huge. For the vast majority of web sites, these mitigation solutions stand as the last line of defense. Breaching this defense can expose these web sites' backend to devastating damages."
  32. 兵者 詭道也
      Tool: Kill ‘em All 1.0
      • Harnesses techniques such as Authentication Bypass, HTTP redirect, HTTP cookie and JavaScript
      • True TCP behavior, believable and random HTTP headers, JavaScript engine, random payload, tunable post authentication traffic model
      • Defeats current anti-DDoS solutions that detect malformed traffic, traffic profiling, rate limiting, source verification, JavaScript and CAPTCHA-based authentication mechanisms
      • Creators allege that the tool is technically indistinguishable from legitimate human traffic
      Tested: Arbor PeakFlow TMS, Akamai, Cloudflare, NSFocus Anti-DDoS System
  33. Variation of Tactics 九變; The Army on the March 行軍; Illusion & Reality 虛實; The Use of Intelligence 用間; Laying Plans 始計
  34. 兵之情主速 Speed is the essence of war. Figure: Attack Degree Axis with Attack Area, Suspicious Area, Normal Area
  35. 兵之情主速 THE SECURITY GAP: Attacker has time to bypass automatic mitigation. Target does not possess required defensive skills.
  36. 兵之情主速
  37. 兵之情主速
  38. Variation of Tactics 九變; The Army on the March 行軍; Illusion & Reality 虛實; The Use of Intelligence 用間; Laying Plans 始計
  39. 故兵貴勝,不貴久 What is essential in war is victory, not prolonged operations
      Detection: Encrypted / Non-Volumetric Attacks
      • Envelope Attacks – Device Overload
      • Directed Attacks - Exploits
      • Intrusions – Mis-Configurations
      • Localized Volume Attacks
      • Low & Slow Attacks
      • SSL Floods
  40. 故兵貴勝,不貴久
      Detection: Application Attacks
      • Web Attacks
      • Application Misuse
      • Connection Floods
      • Brute Force
      • Directory Traversals
      • Injections
      • Scraping & API Misuse
  41. 故兵貴勝,不貴久
      Attack Detection: Volumetric Attacks
      • Network DDoS
      • SYN Floods
      • HTTP Floods
  42. 故兵貴勝,不貴久 Attack Mitigation Network: Low & Slow, SSL Encrypted. Diagram labels: Botnet, Enterprise, Cloud Scrubbing, Hosted Data Center
  43. 故兵貴勝,不貴久 Attack Mitigation Network: Application Exploits. Diagram labels: Botnet, Enterprise, Cloud Scrubbing, Hosted Data Center, Attack signatures
  44. 故兵貴勝,不貴久 Attack Mitigation Network: Volumetric Attacks. Diagram labels: Botnet, Enterprise, Cloud Scrubbing, Hosted Data Center
  45. 故兵貴勝,不貴久 Attack Mitigation Network: Volumetric Attacks. Diagram labels: Botnet, Cloud Scrubbing, Hosted Data Center, Enterprise, Attack signatures
  46. 故兵貴勝,不貴久 Attack Mitigation Network: Volumetric Attacks. Diagram labels: Botnet, Cloud Scrubbing, Hosted Data Center, Enterprise
  47. 目标 Target. Don’t assume that you’re not a target. Draw up battle plans. Learn from the mistakes of others. 没有战略,战术是之前失败的噪音 Tactics without strategy is the noise before defeat
  48. 可用性 Protection. Protecting your data is not the same as protecting your business. True security necessitates data protection, system integrity and operational availability. 没有战略,战术是之前失败的噪音
  49. 漏洞 Vulnerability. You don’t control all of your critical business systems. Understand your vulnerabilities in the distributed, outsourced world. 没有战略,战术是之前失败的噪音
  50. 检测 Detection. You can’t defend against attacks you can’t detect. The battle prepared business harnesses an intelligence network. 没有战略,战术是之前失败的噪音
  51. 宣传 Propaganda. Don’t believe the DDoS protection propaganda. Understand the limitations of cloud-based scrubbing solutions. Not all networking and security appliance solutions were created equal. 没有战略,战术是之前失败的噪音
  52. 限制 Limitations. Know your limitations. Enlist forces that have expertise to help you fight. 没有战略,战术是之前失败的噪音
  53. 你准备好了吗? Are You Ready?
  54. Carl Herberger, VP Security Solutions, Radware. carl.herberger@radware.com. 谢谢 Thank You
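
Slide 22 names two missing controls behind the Spamhaus attack: BCP38 source validation at the network edge and response rate limiting on DNS resolvers. The following is an added example, not part of the presentation, that models both on constructed traffic; the prefixes, interface names, packet sizes and the fixed-window limiter are assumptions chosen to reproduce the slide's factor of 50.

```python
import ipaddress
from collections import defaultdict

# Constructed example topology: prefixes assigned to each customer-facing port.
ASSIGNED_PREFIXES = {
    "cust-a": [ipaddress.ip_network("198.51.100.0/24")],
    "cust-b": [ipaddress.ip_network("203.0.113.0/25")],
}


def bcp38_permit(interface, src_ip):
    """BCP38 ingress filter: forward only if the source is in that port's prefixes."""
    addr = ipaddress.ip_address(src_ip)
    return any(addr in net for net in ASSIGNED_PREFIXES.get(interface, []))


class ResponseRateLimiter:
    """Simplified model of DNS response rate limiting (not any server's real
    algorithm): at most `per_second` responses per client /24 per second."""

    def __init__(self, per_second, prefix_len=24):
        self.per_second = per_second
        self.prefix_len = prefix_len
        self.sent = defaultdict(int)  # (client network, second) -> responses sent

    def allow(self, client_ip, ts_ms):
        net = ipaddress.ip_network(f"{client_ip}/{self.prefix_len}", strict=False)
        key = (net, ts_ms // 1000)
        if self.sent[key] >= self.per_second:
            return False
        self.sent[key] += 1
        return True


def resolver_output(queries, query_bytes, response_bytes,
                    ingress_filter=False, limiter=None):
    """Return (bytes received by the resolver, bytes sent to the claimed source)."""
    bytes_in = bytes_out = 0
    for ts_ms, interface, claimed_src in queries:
        if ingress_filter and not bcp38_permit(interface, claimed_src):
            continue  # dropped at the network edge, never reaches the resolver
        bytes_in += query_bytes
        if limiter is None or limiter.allow(claimed_src, ts_ms):
            bytes_out += response_bytes
    return bytes_in, bytes_out


# Constructed traffic: 1,000 queries in one second arriving on cust-a's port,
# all claiming the source address 192.0.2.10, which is outside cust-a's prefix.
SPOOFED = [(ms, "cust-a", "192.0.2.10") for ms in range(1000)]
QUERY_BYTES, RESPONSE_BYTES = 60, 3000  # constructed sizes giving the slide's 50x

if __name__ == "__main__":
    for label, kwargs in [
        ("open resolver, no controls", {}),
        ("response rate limit 5/s", {"limiter": ResponseRateLimiter(5)}),
        ("BCP38 at the edge", {"ingress_filter": True}),
    ]:
        b_in, b_out = resolver_output(SPOOFED, QUERY_BYTES, RESPONSE_BYTES, **kwargs)
        print(f"{label}: in={b_in} out={b_out}")
```

Rate limiting caps what one resolver reflects at the claimed source, while the ingress filter stops the spoofed queries before any resolver sees them.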
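
Slide 29 shows requests of the form `GET www.enterprise.com/?[Random]` passing through a CDN to the enterprise origin, because each random query string is a new cache key. The following is an added example, not part of the presentation, of a defender's two responses: normalising the cache key and detecting the pattern in CDN logs. The log format, the `KNOWN_PARAMS` table and the thresholds are assumptions.

```python
from collections import defaultdict
from urllib.parse import parse_qsl, urlencode, urlsplit

# Assumption: the query parameters each path of the application actually reads.
# Paths not listed here are treated as taking no parameters.
KNOWN_PARAMS = {"/": set(), "/search": {"q", "page"}}


def cache_key(url):
    """Build the cache key from the path plus only the parameters the app reads,
    so /?<random> collapses onto the cached copy of / instead of reaching origin."""
    parts = urlsplit(url)
    allowed = KNOWN_PARAMS.get(parts.path, set())
    kept = sorted((k, v)
                  for k, v in parse_qsl(parts.query, keep_blank_values=True)
                  if k in allowed)
    return parts.path + ("?" + urlencode(kept) if kept else "")


def cache_bust_suspects(log_lines, min_misses=5, min_unique_ratio=0.9):
    """Flag normalised keys whose cache misses are almost all distinct raw URLs."""
    misses = defaultdict(int)
    raw_urls = defaultdict(set)
    for line in log_lines:
        _ip, _method, url, _status, cache_status = line.split()
        if cache_status != "MISS":
            continue
        key = cache_key(url)
        misses[key] += 1
        raw_urls[key].add(url)
    return sorted(key for key, n in misses.items()
                  if n >= min_misses and len(raw_urls[key]) / n >= min_unique_ratio)


# Constructed CDN log lines: client, method, URL, status, cache status.
SAMPLE_LOG = [
    "198.51.100.11 GET /?k3v9x1 200 MISS",
    "198.51.100.12 GET /?p0q8z7 200 MISS",
    "198.51.100.13 GET /?m2n4b6 200 MISS",
    "198.51.100.14 GET /?t7y5u3 200 MISS",
    "198.51.100.15 GET /?c1d2e3 200 MISS",
    "198.51.100.16 GET /?w9r8s7 200 MISS",
    "203.0.113.20 GET / 200 HIT",
    "203.0.113.21 GET / 200 HIT",
    "203.0.113.22 GET /search?q=ddos&page=1 200 MISS",
    "203.0.113.23 GET /search?q=ddos&page=1 200 HIT",
    "203.0.113.24 GET /search?q=waf&page=2 200 MISS",
]

if __name__ == "__main__":
    print(cache_bust_suspects(SAMPLE_LOG))
```

Ordinary search traffic misses once per distinct query and is then served from cache, so only the normalised key `/` crosses both thresholds on the sample log.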
