Term 3

Grade 12 – Summative Assessment – Case Studies

Case Study 1

DDoS attacks continue to evolve in Middle East
DDoS (distributed denial of service) attacks are continuing to evolve in the Middle East, with high-volume attacks.
Darren Anstee, Chief Security Technologist at Arbor Networks, told Gulf News that the attackers use a large volume of traffic to cut their targets off from the internet. The number of attacks in the first half of the year rose to 61,937. There were only 29,326 in 2014. Most large attacks use a technique known as reflection amplification, accounting for 33.5 per cent.
Reflection amplification is a technique that allows an attacker to both increase the amount of traffic they can generate and obscure the original sources of that attack traffic.
The maximum attack size was less than 59Gbps in the first half compared to 84.36Gbps in 2014, but he said that the average duration of an attack in the Middle East is double that of the global average of one hour. The top three producers of DDoS attacks in the second quarter of this year were the US, the UK and China.
Saudi Arabia is the top target country in the first half of this year, accounting for 40 per cent of the attacks, while 20 per cent of the attacks targeted Kuwait and 10.4 per cent targeted Jordan. Only 2.4 per cent of the attacks targeted the UAE. In 2014, more than 500 attacks over 10Gbps targeted the Middle East, 134 of them over 20Gbps.
“Middle East region shows much higher proportions of attacks in the 1-5Gbps range. Peak attack sizes look to have fallen back in the Middle East between January and May, but they are slowly increasing over time.
“We recommend a multilayered defence of protection to protect from DDoS attacks, one that integrates on-premise protection against application-layer attacks with cloud-based protection against higher magnitude volumetric attacks,” he said.
------
DDoS attacks continue to evolve in Middle East (2015, September 3), Gulf News. Retrieved from:

Case Study 2

How to get the better of cyber-criminals
Security experts have revealed that some of the key threats targeting organisations today are malware and human-based attack campaigns.
"We are seeing a rise in the number of Distributed Denial of Service [DDoS] threats being launched by cyber-attackers, where more than 7 million were recorded in 2017," says Alaa Hadi, regional director of high growth markets at Netscout Arbor.
He expects this figure to grow over time. "The financial services, government and education sectors have seen the highest volume of DDoS attacks last year."
"Having an advanced threat detection and multi-layered protection scheme is the best security measure against cyber security threats today," he added. "As cyber-attacks get more complex, it is more crucial for organisations to detect and disable threats before they have a chance to bypass the network security gates."
"If the last few years have taught us anything, it's that organisations will be breached," said Alister Shepherd, MEA director, Mandiant at FireEye. "In January alone, the Telecommunications Regulations Authority reported dozens of attacks on UAE government entities and private companies from attackers outside of the country."
According to a recent report that FireEye published, the industries most targeted in the UAE and across the region include the energy, government, financial services and telecommunication sectors.
"New technologies and approaches like deception-based threat detection will be one of the techniques and investments that organisations will use to close this gap and strengthen overall defences."
------
How to get the better of cyber-criminals (2018, April 1), Khaleej Times. Retrieved from:

Case Study 3

Danish Railway Company DSB Suffers DDoS Attack
Danish rail travelers found buying a ticket difficult yesterday, following a DDoS attack on the railway company DSB.
DSB has more than 195 million passengers every year but, as reported by The Copenhagen Post, the attack on Sunday made it impossible to purchase a ticket via the DSB app, on the website and ticket machines.
In a statement to Infosecurity, DSB guessed that around 15,000 customers were affected. Passengers were only able to buy tickets from staff on trains.
“We have all of our experts on the case,” said DSB spokesperson Aske Wieth-Knudsen, with all systems apparently working as normal this morning.
“The DDoS attack seen in Denmark this weekend on critical national infrastructure is precisely the type of attack that EU Governments are seeking to protect citizens against,” said Andrew Lloyd, president, Corero Network Security.
“Keeping the control systems (e.g. railway signaling, power circuits and track movements) secure greatly reduces the risk of a terrible outcome that risks public safety. That said, a successful attack on the more vulnerable management systems can cause widespread disruption. This DDoS attack on the Danish railways' ticketing site can be added to a growing list of such cyber-attacks that include last October’s DDoS attack on the Swedish Railways that took out their train ordering system for two days, resulting in travel chaos.”
The lessons are clear, Lloyd added; transportation companies and other operators of essential services have to invest in cybersecurity defenses to ensure that their services can stay online and open for business during a cyber-attack.
------
Danish Railway Company DSB Suffers DDoS Attack (2018, May 14), Infosecurity Magazine. Retrieved from: