DDoS / Featured Blogs

NANOG 65 Report

NANOG 65 was once again your typical NANOG meeting: a set of operators, vendors, researchers and others for 3 days, this time in Montreal in October. Here's my impressions of the meeting... The opening keynote was from Jack Waters from Level 3, which looked back over the past 25 years of the Internet, was interesting to me in its reference to the "Kingsbury Letter". more»

Thoughts on the Open Internet - Part 5: Security

Any form of public communications network necessarily exposes some information about the identity and activity of the user's of its services. The extent to which such exposure of information can be subverted and used in ways that are in stark opposition to the users' individual interests forms part of the motivation on the part of many users to reduce such open exposure to an absolute minimum. The tensions between a desire to protect the user through increasing the level of opacity of network transactions to third party surveillance, and the need to expose some level of basic information to support the functions of a network lies at the heart of many of the security issues in today's Internet. more»

Watch Live Oct 1 - Dyn's Techtoberfest: Internet Trends, Security, Net Neutrality and More

On Thursday, Oct 1, 2015, from 9:30am-4:30pm US EDT (UTC-4), Dyn will be holding their "TechToberFest" event in Manchester, NH, and also streaming the video live for anyone interested. There are a great set of speakers and a solid agenda. As I wrote on the Internet Society blog, I'll be part of the security panel from 3-4pm US EDT... and we who are on the panel are excited to participate just for the conversation that we are going to have! It should be fun! more»

Can We Stop IP Spoofing? A New Whitepaper Explores the Issues

In March 2013, Spamhaus was hit by a significant DDoS attack that made its services unavailable. The attack traffic reportedly peaked at 300Gbps with hundreds of millions of packets hitting network equipment on their way. In Q1 2015, Arbor Networks reported a 334Gbps attack targeting a network operator Asia. In the same quarter they also saw 25 attacks larger than 100Gbps globally. What is really frightening about this is that such attacks were relatively easy to mount. more»

The Internet of Things: When Sci-Fi Becomes Reality

In my last blog post I shared some of the general security challenges that come with the Internet of Things (IoT). In this post, I will focus on one particular security risk: distributed denial of service (DDoS) attacks. Even before the age of IoT, DDoS attacks have been turning multitudes of computers into botnets, attacking a single target and causing denial of services for the target's users. By "multitudes" we can be talking about thousands or even millions of victim devices. Now add IoT into the equation... more»

Understanding the Threat Landscape: Basic Methodologies for Tracking Attack Campaigns

The indicators of compromise (IOCs) outlined in my last blog post can be used as a baseline for developing intrusion sets and tracking attack campaigns and threat actors. When launching an attack, threat actors use a variety of vectors and infrastructure, which Verisign iDefense analysts -- as well as analysts across the cybersecurity community -- correlate to group attacks, tracking actors and determining attack methods. more»

Understanding the Threat Landscape: Indicators of Compromise (IOCs)

I previously provided a brief overview of how Verisign iDefense characterizes threat actors and their motivations through adversarial analysis. Not only do security professionals need to be aware of the kinds of actors they are up against, but they should also be aware of the tactical data fundamentals associated with cyber-attacks most commonly referred to as indicators of compromise (IOCs). Understanding the different types of tactical IOCs can allow for quick detection of a breach... more»

Understanding the Threat Landscape: Cyber-Attack Actors and Motivations

The threat landscape has rapidly expanded over the past few years, and shows no signs of contracting. With major establishments in both the public and private sectors falling victim to cyber-attacks, it is critical for organizations to identify the motivations, modus operandi (MO) and objectives of adversaries in order to adequately and effectively defend their networks. Understanding the taxonomy of cyber-attacks is the first step in preparing an organization against exposure to them. more»

Diving Into the DNS

If you are at all interested in how the Internet's Domain Name System (DNS) works, then one of the most rewarding meetings that is dedicated to this topic is the DNS OARC workshops. I attended the spring workshop in Amsterdam in early May, and the following are my impressions from the presentations and discussion. What makes these meetings unique in the context of DNS is the way it combines operations and research, bringing together researchers, builders and maintainers of DNS software systems, and operators of DNS infrastructure services into a single room and a broad and insightful conversation. more»

M3AAWG & i2Coalition Collaborate on Best Practices on Anti-Abuse in Hosting & Cloud Environments

I am excited to announce the recent release of the industry first Best Common Practices document for Cloud and Hosting providers for addressing abuse issues that was created by M3AAWG and the i2Coalition. M3AAWG has been collaborating with the Best Practices Working Group of the i2Coalition over the past 2 years to discuss ways to solve malicious activity within hosting and cloud ecosystems.  more»

Industry Updates

Resilient Cybersecurity: Dealing with On-Premise, Cloud-Based and Hybrid Security Complexities

Verisign Releases Q4 2015 DDoS Trends - DDoS Attack Activity Increasing by 85% Year Over Year

Neustar Data Identifies Most Popular Times of Year for DDoS Attacks in 2015

The Framework for Resilient Cybersecurity (Webinar)

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

Faster DDoS Mitigation - Introducing Verisign OpenHybrid Customer Activated Mitigation

Verisign's Q2'15 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

Introducing the Verisign DNS Firewall

3 Key Steps for SMBs to Protect Their Website and Critical Internet Services

Key Considerations for Selecting a Managed DNS Provider

Verisign Mitigates More DDoS Attacks in Q1 2015 than Any Quarter in 2014

Verisign OpenHybrid for Corero and Amazon Web Services Now Available

Public Sector Experiences Largest Increase in DDoS Attacks (Verisign's Q4 2014 DDoS Trends)

Help Ensure the Availability and Security of Your Enterprise DNS with Verisign Recursive DNS

Verisign iDefense 2015 Cyber-Threats and Trends