The data center perimeter is dead - web assets cannot be protected by a fortress wall - but a historical view of web protection lives on in the way many IT departments continue to defend their infrastructures. Websites and web applications increasingly live outside the data center. Cloud-based applications and websites are at constant risk from web threats that are becoming more damaging and sophisticated by the day.
Akamai advises organizations to avoid becoming the next cyber-attack victim in the headlines by making a critical evaluation of cybersecurity practices - and then taking steps to extend multi-layered security controls to the cloud. Of course, before you can even start to build a multi-layered web defense, you must understand your enemy and its weapons.
Generally, attacks fall into two categories: distributed denial of service (DDoS), which is also called denial of service (DoS), and hacks against web applications that steal data, such as SQL injection and other command injection attacks.
Akamai predicts that by 2020, the average distributed denial of service (DDoS) attack will generate 1.5 Tbps of network traffic, but even today's large and sophisticated denial of service attacks can easily overwhelm available IT resources. The more you understand the nuances of different types of DDoS attacks and web threats, the better you can determine how they will affect your network.
A mind-boggling array of DoS and DDoS attacks occurs at the network layer. These can be grouped into two broad categories: simple flooding and amplification attacks. Several tools are readily available to attackers to automate the process of creating both types of attacks, allowing malicious actors with no technical background to quickly and easily threaten their choice of website.
Attacks at the application layer are also common and often very sophisticated. They consist of high-bandwidth and low-bandwidth denial of service attacks, Domain Name System (DNS) attacks, and attacks that steal data. Attempts to steal data are most likely to take the form of command injection attacks, where a hacker injects commands into a vulnerable application. The attacker can then execute these commands to view data, wipe out data, or take over the machine.
Akamai advises practicing good web-application hygiene by using a secure software development lifecycle that includes secure configuration, updates, patches, and secure validation. In addition, a web application firewall (WAF) with anti-DoS capabilities provides a strong line of defense against application-layer attacks such as SQL injection commonly used to cover data theft. The eBook goes into greater detail on how to ensure good web-application hygiene and what to look for in a WAF.
With knowledge, you can identify and close network vulnerabilities before your company is harmed. The reality is that it is a matter of when, not if, your network will be threatened by cyber-attackers.
To that end, Akamai has released a free eBook, "Threats and Mitigations: A Guide to Multi-Layered Web Security", that covers important information that you need to know about the types of cyber threats, how to secure your sites, how to protect web applications from data theft, the different types of cybersecurity solutions, and how to make your network less vulnerable to attack.
There is no one solution to cybersecurity. Before you sign on the dotted line, know the key differences between on-premises hardware and cloud-based services; learn about the strengths of Security Operations Centers (SOCs) and Content Delivery Networks (CDNs) and of always-on services versus on-demand services. The eBook includes a guide to asking the right questions when seeking a web security services provider.
The fortress can no longer be defended by traditional methods, but it can be defended. The cyber battlefield keeps changing with powerful attacks that can down the websites and web applications of global brands, but you don't have to become a victim. Learn how to defend your web and cloud resources - and win. The free Akamai eBook "Threats and Mitigations: A Guide to Multi-Layered Web Security" explains how. Download it today and learn how to build the strongest defense to protect all of your network assets and web applications.