Author Archive

3 Ways to Prevent Bot Attacks on Your Web Applications

botsIt’s becoming more common to hear about IoT security — or the lack thereof — in the news, and computers and IoT devices are frequently targeted by hackers for “bot” employment to perform distributed denial of service (DDoS) attacks, application exploits and credential stuffing. Non human traffic or bot traffic represents currently more than 60% of the total traffic going to web sites.

Those bots come in a variety of forms, making it extremely important to distinguish between the infected hosts that often make up botnets to perform various malicious activities, to the legitimate bots that are extremely important in driving customer traffic to your site (Googlebot, for example).

Different Types of Bot Attacks on Web Services

Websites that contain pricing information and proprietary information are especially vulnerable to bot traffic.

An example of a content scraping process can be seen when airline companies use bot farming to scrape price information from competitive airline company sites. They use this information to dynamically price similar products — once they find out what a competitor is charging, they can price their services lower to gain a market advantage.

A more malicious use includes deploying a botnet that seeks out vulnerabilities in website technology and stores this as a vulnerable site, ripe for exploitation. Read the rest of this entry »

The Power of HTTP/2 for CDN

http/2HTTP is a protocol that all web developers must familiarize themselves with. It was introduced in 1989 by Sir Timothy John Berners-Lee, which he developed using a single NeXTcube workstation, and it continues to prove reliable for networks with port connection speeds surpassing 10 megabits.

Then, in 2015, the Internet Engineering Task Force released HTTP/2, which quickly rose in popularity as the second most useful internet protocol available. Now, LeaseWeb CDN is using HTTP/2 to deliver the content even faster globally.

What Are Some of the Benefits of HTTP/2?

In short, HTTP/2 is faster and more secure, which is why its adoption happened so quickly. Due to the advanced development of HTTP/2 protocols, concatenation and domain sharding are no longer necessary. And unlike traditional HTTP, HTTP/2 is binary instead of textual. As a result, it’s much easier to send bits/bytes and strings representing numbers due to their more compact structure. Read the rest of this entry »

Protecting Your Business From Increasingly Sophisticated Cyberattacks

cyberattacksWhether you’re leading a Fortune 500 company or your own small business, cybersecurity must be a fundamental business objective. Several high-profile cyberattacks in the first half of 2017 have affected organizations of all sizes all over the world, and these attacks are only going to become more common and more sophisticated.

As a business leader, it’s important to understand that the threat is constant. Even if you’ve never experienced an attack, your servers are perpetually being scanned by hackers for vulnerabilities — and the damage can be fatal to your business. A cyberattack can result in the loss of critical information, putting the reputation of your brand at stake.

If you suffer a cyberattack and are able to react quickly, it’s certainly possible to mitigate the damage to your business and your customers, though containing an attack can get tremendously expensive. If you have a plan in place, however, you can save yourself a lot of time and money — and protect the future of your business.

Read the rest of this entry »

Prepare Your Business for a DDoS Attack – 5 Recommendations

DDoS AttackDistributed denial of service (DDoS) attacks have become a part of having a presence on the web. While the question used to be if you will be attacked, today it is only a matter of when. Because of this, it is more important than ever to have a defense strategy in place. But, for all the media coverage and attention any DDoS attack may receive, their purpose and how to best defend against them are not always well understood.

According to the 2016 Verizon data breach incident report (DBIR), DDoS and web app attacks have increased substantially over the last year. Successful data breaches of web app attacks where data was stolen increased from 7% to 40% with targeted data including:

  • Credit card data
  • Personal information
  • Financial credentials
  • Passwords

If you want to ensure that your business is ready for a DDoS attack there are a number of best practices you should keep in mind. What follow are 5 recommendations from our 10 years of experience managing over 80,000 servers. If you want an even more in depth overview, as well 5 more recommendations, you can download the full white paper here.

Read the rest of this entry »

DDoS protection – what is a DDoS attack and how to mitigate it?

In today’s hyper-connected world, it has never been more important to address and mitigate security threats to your business. The shift to cloud services has increased substantially over the past few years and it is vital to understand how to reduce the risks that come with the move to this platform. More than 90% of internet traffic will be video within two years. The ratio of connected devices to internet users is projected to be 10:1 by the year 2020. With such a high level of connectivity, outages due to cyber security threats can cost a company up to $100,000 per minute.

The most common threat to cloud users are distributed denial of service (also known as DDoS) attacks. Studies show that targets are not limited to some specific activities but rather that every organization is a potential target. The top four reasons for attacks are:

  • Hacktivism illustrated by Anonymous or Wikileaks organizations.
  • Cyber warfare in order to destabilize a foreign government or an election.
  • Cyber espionage to steal intellectual property of a competitor.
  • Cybercrime in the form of cyberextortion, in which an attack or the threat of an attack is coupled with a demand for money to prevent or stop the attack.

Cybercrime is responsible for over 65% of attacks. It does not matter how large or small your cloud footprint is, everyone is at risk as no segment of activity is immune to attack. With an ever growing array of targets, attacks are becoming more sophisticated. Multi-vector attacks are becoming more aggressive than before with an 84% increase in multi-vector attacks over the past few years. It is also easier than ever to launch an attack due to the availability of tools that do not require special knowledge. One does not need to be a security expert to launch a damaging attack. Events of last week show that the growth of IoT (Internet of Things) is making us more vulnerable as personal devices such as webcams were used as weapons to bombard major sites like Netflix and Twitter with millions of requests. Read the rest of this entry »

Setting up Leaseweb CDN on WordPress

cdn graphSetting up WordPress on LeaseWeb CDN is very easy, as you’ll see. A couple of assumptions before we start:

  • WordPress is installed on the origin server
  • WP Super Cache or similar is installed within WordPress
  • An “Origin” that points to your WordPress installation is already defined within your LeaseWeb CDN control panel.

Configuring the zone itself

First thing you want to do is to configure a Pull Zone. Do this by going to “Manage Zones” -> “Pull Zones” and click the “Add” button.

 

image1

Read the rest of this entry »

Don’t let cyberattacks bring you down

LSW_CloudSecurity_iconThe first half of 2015 saw a 50% increase in DDoS attacks. They are not only becoming more frequent but they are getting more sophisticated too. On average, a DDoS attack will cost an SMB company €45,000 and an enterprise €400,000 – not to mention the damage done to the corporate image or share price. In other words, a DDoS attack might not only paralyze your online presence but could also be disastrous to your overall business continuity.

Diversionary attacks

Data breaches and DDoS attacks are the most common threats to your website. Just take a look at these statistics: according to Kaspersky Labs, 74% of companies that suffer a DDoS attack face another security incident at the same time; 26% of these incidents are data breach attempts or data leaks which means these attacks are not primarily meant to take your website offline but are a diversion to get to your data. These are so-called layer 7 attacks: the hackers divert your attention to get your eye off the ball by disrupting the availability of the website while they quietly try to exploit any vulnerabilities in your web applications.

Read the rest of this entry »

Improving our CDN: Four new POP locations – and more on the way

cdn graphGood coverage of our Content Delivery Network (CDN) is key to our customers. The more Points of Presence (PoPs) our CDN has, the better you will be able to serve your end users. As part of our continuous CDN upgrade program, I’m proud to announce that we have opened a further four new PoP locations during the last couple of months.

We have prioritized the following strategic locations:

Read the rest of this entry »

LeaseWeb Application Security introduction

DDoS attacks and other forms of cybercrime are becoming more and more frequent. That’s why we recently launched a new service called LeaseWeb Application Security. Here’s a quick video-tour of the easy-to-use dashboard from which you can adjusts your security situations, monitor suspicious traffic, respond to threats and more.

LeaseWeb Application Security is further augmented by a 24/7 Security Operation Center that reacts to every incoming attack. With the help of the Security Operation Center, you can constantly analyze your vulnerability and mitigate threats with a high degree of customization. For real-time mitigation of spammers, data breaches and DDoS attacks, application security experts are available 24/7.

Want to learn more about how you can protect your data? Visit http://lsw.to/lyA

LeaseWeb CDN Tutorial: Analytics Introduction

LeaseWeb on Twitter

Don't miss Julien Lehmann at 16:25 in the main room, as he reveals tips on how you can protect yourself against malicious attacks #SiGMA17

test Twitter Media - Don't miss Julien Lehmann at 16:25 in the main room, as he reveals tips on how you can protect yourself against malicious attacks  #SiGMA17 https://t.co/ugXAQzYMrX

Don't gamble on your IT security. Come by and talk to our experts at booth B111 and find out how we can help you!

test Twitter Media - Don't gamble on your IT security. Come by and talk to our experts at booth B111 and find out how we can help you! https://t.co/Vdr5EVjD0Y
test Twitter Media - Don't gamble on your IT security. Come by and talk to our experts at booth B111 and find out how we can help you! https://t.co/Vdr5EVjD0Y

Catch Willem van Oort speak about the Dutch gaming market on Friday @11:45

test Twitter Media - Catch Willem van Oort speak about the Dutch gaming market on Friday @11:45 https://t.co/LRI8YdLRLY