Security

Protecting Your Business From Increasingly Sophisticated Cyberattacks

cyberattacksWhether you’re leading a Fortune 500 company or your own small business, cybersecurity must be a fundamental business objective. Several high-profile cyberattacks in the first half of 2017 have affected organizations of all sizes all over the world, and these attacks are only going to become more common and more sophisticated.

As a business leader, it’s important to understand that the threat is constant. Even if you’ve never experienced an attack, your servers are perpetually being scanned by hackers for vulnerabilities — and the damage can be fatal to your business. A cyberattack can result in the loss of critical information, putting the reputation of your brand at stake.

If you suffer a cyberattack and are able to react quickly, it’s certainly possible to mitigate the damage to your business and your customers, though containing an attack can get tremendously expensive. If you have a plan in place, however, you can save yourself a lot of time and money — and protect the future of your business.

Read the rest of this entry »

5 Ways to Protect Your Company from DDoS Attacks

DDoS AttackAs an online business, you have the responsibility of ensuring the safety of your customers’ hard-earned money from DDoS attacks. Unfortunately, hackers are making it harder to fulfill that responsibility. Verizon’s 2017 Data Breach Investigations Report found that the e-commerce industry falls victim to cyberattacks more than any other industry. In some cases, hackers are looking to extort money from your company. In others, they’re coming at your business as a form of industrial sabotage.

One of the most common strategies used to carry out these intrusions is a distributed denial of service attack. Digital Trends reported that the frequency of DDoS attacks increased by threefold in 2016. These attacks typically take on one of three forms: protocol, volume-based, or application layer attacks. Each uses a different method to overload your network, but the results are the same: chaos.

Sizing Up the Threat

To put the threat of DDoS attacks in context, just imagine if the online component of your business were disabled for hours, minutes, or even seconds. Depending on the size of the company, this loss of service could cost as much as $250,000 per hour — maybe more.

Read the rest of this entry »

Prepare Your Business for a DDoS Attack – 5 Recommendations

DDoS AttackDistributed denial of service (DDoS) attacks have become a part of having a presence on the web. While the question used to be if you will be attacked, today it is only a matter of when. Because of this, it is more important than ever to have a defense strategy in place. But, for all the media coverage and attention any DDoS attack may receive, their purpose and how to best defend against them are not always well understood.

According to the 2016 Verizon data breach incident report (DBIR), DDoS and web app attacks have increased substantially over the last year. Successful data breaches of web app attacks where data was stolen increased from 7% to 40% with targeted data including:

  • Credit card data
  • Personal information
  • Financial credentials
  • Passwords

If you want to ensure that your business is ready for a DDoS attack there are a number of best practices you should keep in mind. What follow are 5 recommendations from our 10 years of experience managing over 80,000 servers. If you want an even more in depth overview, as well 5 more recommendations, you can download the full white paper here.

Read the rest of this entry »

Cyber Security: 5 basic lessons for everyone

Fred Streefland, IT-Security Manager at LeaseWeb and Dave Maasland, CEO Eset Netherlands.Cyber Security

A version of this article originally appeared on Computable.

Recently we’ve had the opportunity (a quite fun and interesting opportunity), to visit a number of Information Security and Cyber Security congresses. During these congresses we were flooded with relatively ‘new’ developments such as Next-Generation, IoT (Internet of Things), IoT DDoS, Security Intelligence Platform, et cetera. The fact that some these terms have become ‘hype’ is not in itself a problem, but we did begin to wonder whether the security world may be looking at things in the wrong way and thereby missing the demands that need to be addressed.

In this article we will suggest a new way of looking at cybersecurity that stops viewing it as a goal in itself and instead as something that is directly connected to business needs. As it stands now, it seems that too many security-organizations are missing the mark.

Security can be quite complex, but its essence is quite simple. Security is nothing more than reducing or taking away risks, and making them visible so that the business can accept them and continue doing its work – nothing more, nothing less. To do this as effectively and efficiently as possible, we, as security-people, have to understand the business and not see it solely from an IT-Perspective but form the broader perspective of the business itself.

When starting from the business, we first have to identify, map, and categorize the risks for the specific business. Second, we have to determine, together with the business itself, which risks need to be dealt with in which order. When that’s done, the person responsible for security within the company has to set-up a security-plan that depicts how these changes are executed. When doing so, there should always be clear goals and deadlines. Ideally, this should be done in a ‘smart’ way, one step at a time, so as to not engage in too many projects at once.

Lesson 1: Start with the business (and its risks)

Read the rest of this entry »

DDoS protection – what is a DDoS attack and how to mitigate it?

In today’s hyper-connected world, it has never been more important to address and mitigate security threats to your business. The shift to cloud services has increased substantially over the past few years and it is vital to understand how to reduce the risks that come with the move to this platform. More than 90% of internet traffic will be video within two years. The ratio of connected devices to internet users is projected to be 10:1 by the year 2020. With such a high level of connectivity, outages due to cyber security threats can cost a company up to $100,000 per minute.

The most common threat to cloud users are distributed denial of service (also known as DDoS) attacks. Studies show that targets are not limited to some specific activities but rather that every organization is a potential target. The top four reasons for attacks are:

  • Hacktivism illustrated by Anonymous or Wikileaks organizations.
  • Cyber warfare in order to destabilize a foreign government or an election.
  • Cyber espionage to steal intellectual property of a competitor.
  • Cybercrime in the form of cyberextortion, in which an attack or the threat of an attack is coupled with a demand for money to prevent or stop the attack.

Cybercrime is responsible for over 65% of attacks. It does not matter how large or small your cloud footprint is, everyone is at risk as no segment of activity is immune to attack. With an ever growing array of targets, attacks are becoming more sophisticated. Multi-vector attacks are becoming more aggressive than before with an 84% increase in multi-vector attacks over the past few years. It is also easier than ever to launch an attack due to the availability of tools that do not require special knowledge. One does not need to be a security expert to launch a damaging attack. Events of last week show that the growth of IoT (Internet of Things) is making us more vulnerable as personal devices such as webcams were used as weapons to bombard major sites like Netflix and Twitter with millions of requests. Read the rest of this entry »

Security precaution: update your passwords

secureThe only way to stay safe on the internet is by helping each other minimize security risks. So as a precaution, I want to make you aware of a situation that could possibly affect you.

There are currently several databases available on the internet containing personal data such as e-mail addresses, user names and associated passwords. Lately, our security teams have noticed an increase in attacks attempted by unauthorized parties using this data.

In order to protect yourself, we recommend everyone to take the following actions if you haven’t done so already:

Read the rest of this entry »

Protecting patient data with LeaseWeb

In secure a study released this week by the Ponemon Institute, a U.S. privacy research group, almost 90 percent of surveyed healthcare organizations reported they had at least one data breach involving patient data in the last two years; 45 percent reported more than five breaches.

Healthcare records are a prime target for hackers because they are such a rich source of information. Stolen credit card numbers expire quickly once the patterns of misuse are discovered. Personal identity information is far more persistent.

Read the rest of this entry »

Techsummit Berlin 2016 preview: Managing secrets at scale

Managing secrets is hard to get right, and can be very expensive if you get it wrong. In our latest podcast, Alex Schoof, principal engineer at Fugue, previews some of the topics he’ll be addressing during his presentation at TechSummit Berlin.

TechSummit Berlin takes place on 13 April 2016. Join others from the tech community for a day of informal chat and information exchange – all in the cool surroundings of Berlin. More info, full lineup and tickets: www.techsummit.io/berlin

Don’t let cyberattacks bring you down

LSW_CloudSecurity_iconThe first half of 2015 saw a 50% increase in DDoS attacks. They are not only becoming more frequent but they are getting more sophisticated too. On average, a DDoS attack will cost an SMB company €45,000 and an enterprise €400,000 – not to mention the damage done to the corporate image or share price. In other words, a DDoS attack might not only paralyze your online presence but could also be disastrous to your overall business continuity.

Diversionary attacks

Data breaches and DDoS attacks are the most common threats to your website. Just take a look at these statistics: according to Kaspersky Labs, 74% of companies that suffer a DDoS attack face another security incident at the same time; 26% of these incidents are data breach attempts or data leaks which means these attacks are not primarily meant to take your website offline but are a diversion to get to your data. These are so-called layer 7 attacks: the hackers divert your attention to get your eye off the ball by disrupting the availability of the website while they quietly try to exploit any vulnerabilities in your web applications.

Read the rest of this entry »

Security: it’s all about managing risk!

EnterPrise_01_ComplianceOrganizations are increasingly dependent on their digital infrastructure. At the same time, these organizations seem to be more vulnerable than ever as cyber criminals’ techniques become more and more sophisticated. So how can you handle this situation? In other words: how do you become a secure online organization?

This was one of the topics discussed by Dell and LeaseWeb customers during a roundtable discussion about security. IT security specialist and journalist Brenno de Winter provided interesting insights in his introduction: “If your company wants to be a secure organization, you have to manage risks. There are four options when dealing with risks: accepting them, reducing them through security measures, avoiding risks by ceasing certain activities, or to partially outsource risk management to a third party. There are also affordable insurance policies against hacks available which are worth considering. But no matter what you do, make sure you have a risk management strategy in place, supported by tools that identity the security risks of your organization.”

Read the rest of this entry »

LeaseWeb on Twitter

We'll be waiting for you at SiGMA17 booth B111! Book now: lsw.to/lkd

test Twitter Media - We'll be waiting for you at SiGMA17 booth B111! Book now: https://t.co/AL3tDv5xwW https://t.co/ogUmR5bBae

Just a few days left until SiGMA 17! Don't miss Julien Lehmann's talk on cyber security! Register here: bit.ly/1W4D5TJ

test Twitter Media - Just a few days left until SiGMA 17! Don't miss Julien Lehmann's talk on cyber security! Register here: https://t.co/1LCwPEEhYX https://t.co/6GSQdgSOJt

Check out Leaseweb's Robert van der Meulen's article on "The Rise of the Bots: The Good and the Bad" bit.ly/2zXAPFK

test Twitter Media - Check out Leaseweb's Robert van der Meulen's article on "The Rise of the Bots: The Good and the Bad" https://t.co/OLaer6bT7j https://t.co/yozCCCkAdT