Radware, a provider of cyber security and application delivery solutions, releases Global Application and Network Security Report 2015-2016. The report identifies the major attack trends of 2015, outlines industry preparedness, and offers predictions for 2016.
Radware's annual report reveals that throughout 2015, no industry was immune to cyber attacks, and few were prepared to tackle invasions. The report also predicts that in 2016 new challenges such as Advanced Persistent Denial of Service (APDoS) attacks, increase in volume and scope of sophisticated bot-generated attacks against web application infrastructure will make cyber attacks even more aggressive.
The Global Application and Network Security Report 2015-2016 predicts an increase in frequency of ransoms, revealing that attackers focus their ransom demands toward service providers and leverage both DDoS and SSL Flood attacks when payment is not made.
The report also reveals that attacks are becoming completely automated and more sophisticated each day. New techniques like Burst Attacks, APDoS and an increase in volumetric pipe attacks along with Dynamic IP Attacks make it harder to defend against manual solutions.
The other key findings of the report include: increased attacks on education and hosting industries, more sophisticated attack modalities, a growing need for security automation. It revealed that in 2015, several verticals faced consistent levels of threat, while both education and hosting moved from "Medium" to "High" risk on Radware's Ring of Fire map. The research showed organizations in education and hosting verticals are more likely to experience DoS/DDoS and other cyber attacks at a higher frequency than in the previous year.
The research also reveals that with a rise in APDoS and other volumetric pipe attacks, including the mimicking of user behavior and serving up dynamic IP addresses, there is an emerging threat that demands more advanced detection and mitigation.
In 2015, more than 90 percent of organizations reported experiencing attacks. Identifying gaps in security, the report says that enterprises are still not prepared to fight against advanced persistent threats and information theft.
Radware's Emergency Response Team, a research group that actively monitors and mitigates attacks in real-time, creates an annual report for use by the security community, recommends steps to anticipate and mitigate attacks through Bet on Bots and Automation. The team says that it has become necessary to fight automated threats with automation technology. It also recommends that organizations need a single vendor or hybrid solution to protect networks and applications from a wide range of attacks. A truly integrated solution needs to include all the different technologies such as DoS protection, behavioral analysis, encrypted attack protection and web application firewall.
The team also suggests mitigation assumptions should move in lockstep with risk level. Preparing for increased industry risk or being aware of how hacktivists operate and select targets and understanding fuels preparation will mitigate risks and defend network.