Fighting Back! Online Businesses Need to Adopt a More Offensive Line of Attack Against Cyber Crime

MAHWAH, N.J. May 9, 2011 02:00 PM

Radware offers tips to e-businesses on how to fight back against attackers even beyond the perimeter’s borders 

By the very definition, businesses with an online presence including retailers, tourism, sports, financial services, or gambling, rely on Internet connectivity to generate revenue. These organizations are the perfect targets for security attacks of all types including information theft, denial of service (DoS) attacks, application vulnerabilities, etc.  Radware (NASDAQ: RDWR), a leading provider of integrated application delivery solutions for business-smart networking, is recommending that all online businesses take a more offensive approach in the way in which they fight against these attacks by adopting a more complete solution that counters the attack at its real origin.

In addition to the broad spectrum of attacks that have developed in the past years, the motivation for these attacks has evolved from basic financial to vandalism and social activism (“Hacktivism”) developing into a “power struggle” between the attacker and the object of the attack as these businesses try to fend off yet another attack. And yet, online businesses have not adjusted their network security solutions to these changes – with many still relying upon traditional defensive-only mitigation technologies. And, these security technologies based on signature detection or behavioral analysis have proven to be inadequate - at best they offer defensive-only business protection against perimeter attacks. Although effective in certain situations, i.e. mitigating the effects of an attack, they are unable to address the underlying cause itself. They are incapable of taking the reins and obtaining the advantage from the attackers.

As such, online businesses need to reassess the security solutions they have in place so as to best protect their businesses. And, to cite Carl von Clausewitz’s adage “The best defense is a good offense”the mitigation of attacks should be done by slowing down or even completely shutting down the zombie computers that generated these attacks. This is the only way to reverse the power relationship that exists between attackers and defenders. This may even convince the attacker to stop targeting one business and attacking another which may be less secure.

As part of its security offering, Radware created the Emergency Response Team (ERT). The ERT consists of security experts with vast knowledge in network threats, detection and mitigation is well aware of the security challenges faced by customers. Taking from lessons learned throughout their daily activities, the ERT has developed a new methodology to fight against cyber attacks.

Based on this, Radware has created a list of tips that each online business should follow in order to instill a top-level offensive strategy in fighting cybercrime and protecting their networks.

Good Offense Tips  

• Study normal usage patterns: Using behavioral analysis tools, profile and characterize the normal usage habits of the application as well as the behavior of users accessing online services;
• Identify types of behavior: Create a methodology to detect deviations from normal activity of in different types of applications. This will help in clearly identifying abnormal behavior and thus identify users who appear to be acting suspiciously. These types of users tend to, more than not, represent a Botnet attack;
• Analyze and mitigate the attack: Isolate the transactions of the suspicious user and block them at the network’s perimeter,
• Analyze the attack tool: analyze the use of the attack tool deployed and its weaknesses;
• Create an offensive: Create a method that will exploit the attack tool’s weakness identified previously to deactivate the tool wherever located, thus cleaning the “bad traffic” end-to-end beyond the perimeter borders ; and
• Measure the effectiveness: Assess the tool used and the success rate. Make adjustments if deemed necessary.

About Radware’s Security Offering

Radware’s Attack Mitigation System (AMS) is a real-time network and application attack mitigation solution that protects the application infrastructure against network & application downtime, application vulnerability exploitation, malware spread, information theft, web service attacks and web defacement.

AMS contains 4 key components:

• Radware’s award winning DefensePro® and AppWall® which a set of security modules – Denial-of-service (DoS) Protection, Network Behavioral Analysis (NBA), Intrusion Prevention (IPS), Reputation Engine  and Web Application Firewall (WAF) - to fully protect networks and applications against known and emerging network security threats
• APSolute Vision® accompanies the security solution with an enterprise-wide view of security event management (SEM) and compliance platform
• Radware's Emergency Response Team (ERT) consists of knowledgeable and specialized security experts who provide 24x7 instantaneous services for customers facing a denial-of-service (DoS) attack in order to restore network and service operational status

About Radware

Radware (NASDAQ:RDWR), a global leader in integrated application delivery solutions, assures the full availability, maximum performance, and complete security of business-critical applications for nearly 10,000 enterprises and carriers worldwide. With APSolute®, Radware's comprehensive and award-winning suite of application delivery and network security products, companies in every industry can drive business productivity, improve profitability, and reduce IT operating and infrastructure costs by making their networks "business smart". For more information, please visit www.radware.com.