PRTODAY / NewswireToday Free press release distribution service network

Written by / Agency / Source: Radware Ltd

Check Ads Availability|e-mail Article

Are you the owner of this article?, Turn it PREMIUM with your LOGO instead - and make it 3rd party Ads-Free! within the next hour!

Radware Security Report Debunks Prevailing Myths About Distributed Denial of Service (DDoS) Attacks - In the
Radware Security Report Debunks Prevailing Myths About Distributed Denial of Service (DDoS) Attacks


NewswireToday - /newswire/ - Mahwah, NJ, United States, 2012/02/06 - In the "2011 Global Application and Network Security Report", Radware's Emergency Response Team finds that size doesn't matter and smaller attacks can be deadlier (NASDAQ: RDWR) - NASDAQ: RDWR

Your Banner Ad Here instead - Showing along with ALL Articles covering IT Security/Anti-Spam Announcements

Replace these Affiliate Programs at ANYTIME! Your banner here within the next hour. Learn How!


Contrary to conventional thinking that large bandwidth cyber attacks wreak the most damage on enterprises, security experts at Radware a leading provider of application delivery and application security solutions for virtual and cloud data centers, instead found that bigger problems usually come in small packages. That is one of the conclusions published today in the "2011 Global Application and Network Security Report", a compilation of security findings providing a view of the state of cyber security worldwide.

Additional Resources
• Report: "2011 Global Application & Network Security Report"
• Infographic: "2011 Global Application & Network Security Report"
• Blog Article: "DDoS Attacks Myths: Does Size Really Matter?"
• ERT Video: "Fight Cyber Attacks with Radware's Emergency Response Team"
• SlideShare Presentation: "2011 Security Report – Emergency Response Team"

The findings bust several myths about the way the industry views the impact of distributed denial of service (DDoS) attacks. In particular, it challenges the belief that while a cyber attack may feel catastrophic at the time, most organization may never experience an intense attack. Also, a smaller, less intensive attack (76 percent of the attacks surveyed were under 1 Gbps) can cause more damage than DDoS attacks that gobble ten times the amount of bandwidth.

The report, prepared by Radware's Emergency Response Team (ERT), is the product of a security survey sent to a wide variety of organizations, as well as an analysis of selected cases that were handled by the ERT that focus on DoS and DDoS attacks and their mitigation. Combined, they provide an informative and educational look at the types of attacks experienced, the victims and an overview of mitigation technologies.

Radware's ERT is a group of dedicated security consultants who are available around the clock. As literal "first responders" to cyber attacks, Radware's ERT members gained their extensive experience by successfully dealing with some of the industry's most notable hacking episodes, providing the knowledge and expertise to mitigate the kind of attack a business's security team may never have handled. Through the report, the ERT reveals how their in-the-trenches experiences fighting cyber attacks provide deeper forensic analysis than surveys alone or academic research.

Myth Busting
Although some organizations do incur massive DDoS attacks, many more never experience a high-magnitude attack, according to the report. Instead, these organizations are brought down by less intensive, but equally serious attacks. As mentioned earlier, 76 percent of attacks were less than 1Gbps in bandwidth, with 32 percent less than 10Mbps. Only nine percent of attacks in 2011 were over 10Gbps.

A review of cyber attack cases reveals that industry reports capturing public attention perpetuate a myth that only size counts. The thinking goes that if the bandwidth is bigger, then the attack is more severe. In fact, Radware's ERT found that the type of attack is also significant. A much smaller HTTP flood on the application level may do more damage than a larger UDP flood on the network. When evaluating DoS attacks it is important to understand both the size and type of attack.

Other security myths that fall by the wayside in Radware's security report include:

• Firewalls or IPS alone can stop DDoS attacks -- Despite being designed to provide network security, firewalls and intrusion prevention systems (IPS) are impacted by DDoS attacks. Often the firewall is the weakest link. The report shows that in 32 percent of DDoS attacks, the firewall or IPS became the bottleneck. To stop DDoS attacks you need dedicated hardware solutions, not IPS and firewall technologies.

• Content Delivery Network (CDN) providers protect a business against DDOS attacks -- The CDN occasionally can handle the less sophisticated, large-volume attacks by simply absorbing them (while the target customer will pay for that bandwidth, of course, as it was recognized as legitimate traffic). However, as seen by the recent cyber attacks that tried to bring down the Israeli financial system and national airline, the CDN was easily bypassed by changing the page request in every Web transaction. These random request techniques force CDNs to "raise the curtain" and forward all the attacks directly to the customer premise, in essence making the CDN act as a proxy unloading the attack traffic directly at the target servers.

• The core DoS attack mitigation strategy is to defend and absorb – Businesses can and should have the ability to be proactive in their mitigation steps to stop malicious traffic or Website degradation with a strategy for going on the offense. This changes the rules in which the attacker always has the edge, and instead, levels the playing field. This can be done by identifying the attack tool used as the vehicle to carry the attack campaign and expose and exploit its inherent weaknesses to neutralize the attack tool in a "passive", non-intrusive way.

"As the cyber security landscape continues to change with each new wave of attacks, DoS and DDoS attacks are changing as well and will continue to target organizations with more gusto than even before," said Avi Chesla, chief technology officer, Radware. "For example, Radware's 2011 Global Application and Network Security Report proves that in the past two years all serious cyber attack campaigns include volumetric as well as the low and slow attacks vectors, both generated simultaneously.

"Most Internet sites are inherently vulnerable, making it a major challenge for the average organization to predict whether or not their site will be attacked and what the volume of that attack might be. The fates of their organizations depend on utilizing the most advanced defensive and offensive maneuvers against these determined cyber criminals, and understanding all the intricacies of the current attack landscape," Chesla said.

Other Report Findings:

• 56% of cyber attacks were targeted at applications; 46 % at the network.
• Financial Services (28%), Government and eGaming (25% each) sites were targeted most.
• In half of the attacks, companies did not know why they were targets. 'Hacktivists' with a political or social agenda accounted for 22% of the attacks; 12% came from angry users; 7% from the competition and 4% wanted a ransom in exchange for freeing the website.
• DoS attacks became much more organized, professional and complex in 2011 with attackers using as many as five different attack vectors in a single attack campaign. No one point security tool could effectively block this sophisticated multi-level type of attacks. What is needed is a cocktail of techniques that together provide full protection.


Radware's ERT recommends these ways businesses can protect against DoS and DDoS attacks:

1. Collect information about attacks such as type of attacks, size and frequency. Use the correct measures for the attack type. For example, the proper measurement for UDP floods is in bandwidth and PPS, while the measurement scale for HTTP floods is in transactions per second, concurrent connections, and new connections per second. The UDP flood may seem larger and more dangerous, but the HTTP connection-based attack can cause more damage with much less traffic than the UDP attack.
2. Perform risk analysis at the business level to determine the budget you should allocate to improve your business resilience against DDoS attacks.
3. For bandwidth saturation attacks, make sure your service provider can mitigate volumetric attacks that may saturate your bandwidth.
4. For application attacks, deploy anti-DoS and network behavioral technologies on site.
5. Have a consolidated or "context aware" view into enterprise security with a security event information management (SEIM) system. An SEIM system can build a centralized architecture that simplifies such tasks as monitoring the millions of messages and log records generated by security edge devices. Also, an SEIM is essential when prosecuting a perpetrator.
6. Education and internal security policies are important defense tools, too. Regularly refresh technical skills and practical experience within the security group; but also help employees be aware of how hackers can exploit opportunities throughout the enterprise, especially in the age of 'bring your own device'.

About the "2011 Global Application & Network Security Report"
Information for the report came from two sources -- the Radware Security Survey and an analysis of 40 select cases of cyber attacks conducted by the ERT. The Radware Security Survey was distributed in the fall of 2011 to security professionals ranging from security and network managers to executives. The survey consisted of 23 questions on respondents' DoS experiences, the impact of the DoS attacks they experienced, mitigation techniques, and in-depth information about the three most severe attacks they experienced. Radware received 135 responses, most of which were not from current customers.

The 40 select cases studied by Radware's ERT complemented the survey by providing deeper, forensic information.

For more information on Radware's "2011 Global Application & Network Security Report", go to

About Radware
Radware (, is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware's solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.

Radware encourages you to join our community and follow us on LinkedIn, Radware Blog, Twitter, YouTube and the Radware Connect app for iPhone®.

This press release may contain statements concerning Radware's future prospects that are "forward-looking statements" under the Private Securities Litigation Reform Act of 1995. These statements are based on current expectations and projections that involve a number of risks and uncertainties. There can be no assurance that future results will be achieved, and actual results could differ materially from forecasts and estimates. These risks and uncertainties, as well as others, are discussed in greater detail in Radware's Annual Report on Form 20-F and Radware's other filings with the Securities and Exchange Commission. Forward-looking statements speak only as of the date on which they are made and Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made. Radware's public filings are available from the Securities and Exchange Commission's website at or may be obtained on Radware's website.

Your Banner Ad Here instead - Showing along with ALL Articles covering IT Security/Anti-Spam Announcements

Replace these Affiliate Programs at ANYTIME! Your banner here within the next hour. Learn How!


Written by / Agency / Source: Radware Ltd


Availability: All Regions (Including Int'l)


Traffic Booster: [/] Quick Newswire Today Visibility Checker


Distribution / Indexing: [+] / [Company listed above is a registered member of our network. Content made possible by PRZOOM / PRTODAY indexing services]

# # #
IT Security Anti-Spam Computer Security - Purchase keywords tags antivirus software firewall spyware removal virus scan computer security IT Security Anti-Spam malware / Banner Ads!.

  Your Banner Ad showing on ALL
IT Security/Anti-Spam articles,
CATCH Visitors via Your Competitors Announcements!

Radware Security Report Debunks Prevailing Myths About Distributed Denial of Service (DDoS) Attacks

Company website links NOT available to basic submissions
It is OK to republish and/or LINK any newswire for any legitimate media purpose as long as you name Newswire Today and LINK as the source.
  Is this your article?
Activate ALL web links and social stream by Upgrading to Press Release PREMIUM Plan Now!

Radware |
Publisher Contact: 
877-236-9807 info[.]
Newswire Today - PRZOOM / PRTODAY disclaims any content contained in this article. If you need/wish to contact the company who published the current release, you will need to contact them - NOT us. Issuers of articles are solely responsible for the accuracy of their content. Our complete disclaimer appears here.
IMPORTANT INFORMATION: Issuance, publication or distribution of this press release in certain jurisdictions could be subject to restrictions. The recipient of this press release is responsible for using this press release and the information herein in accordance with the applicable rules and regulations in the particular jurisdiction. This press release does not constitute an offer or an offering to acquire or subscribe for any Radware Ltd securities in any jurisdiction including any other companies listed or named in this release.

IT Security/Anti-Spam via RSSAdd NewswireToday - PRZOOM Headline News to FeedBurner
Find who RetweetFollow @NewswireTODAY

Are you the owner of this article?, Turn it PREMIUM with your LOGO instead - and make it 3rd party Ads-Free! within the next hour!

Read Latest Articles From Radware Ltd / Company Profile

Read IT Security/Anti-Spam Most Recent Related Newswires:

High-Tech Bridge Recognized As A Key Innovator
Dell Unveils New Endpoint Data Security and Management Portfolio for Greater IT Interoperability
Trustwave Unveils Industry’s First Cloud-based Secure Web Gateway with Zero Malware Guarantee
Check Point Wins Third-Straight ‘Recommended’ Rating in 2016 from NSS Labs
Sonus Brings Proven Security to NuWave’s Hosted Cloud Communication and Collaboration Offering
MobileIron Bridge Unifies Mobile and Desktop Operations
Dell Partners with Leading System Integrators, Providing Customers More Choices for IoT Deployments
Cisco and Thales Innovate Together for Trusted Cybersecurity Solution
ForeScout Receives JPMorgan Chase Hall of Innovation Award for its Transformative Security Technology
Splunk IT Service Intelligence and Splunk Cloud Drive Big Data Analytics at Cox Automotive
Mimecast Announces Middle East Expansion Plans
Dell Services Federal Government (DSFG) Awarded $88M Contract with the National Science Foundation (NSF)
Flexera Software Launches App Portal 2016
Splunk Invests in Developer Ecosystem to Fuel Platform Innovation
Kerio Operator 2.5 Improves Audio and Video Calling for Small and Mid-sized Businesses

Boost Your Social Network
& Crowdfunding Campaigns

NewswireToday Celebrates 10 Years in Business




  ©2016 Newswire Today — Limelon Advertising, Co.
Home | About | Advertise/Pricing | Contact | Investors | Privacy/TOS | Sitemap | FRANCAIS
newswire, PR free press releases distribution service magazines engine news alert newsroom press room breaking news public relations articles company news alerts newswiredistribution ezine bizentrepreneur biznewstoday digital business report market search pr firms agencies reports distri-bution today investor relation successful internet entrepreneurs newswire distribution freenewswiredistribution asianewstoday bizwiretoday USA pr UK today - NOT affiliated with PRNewswire as we declined their partnership offer in 2013
PRTODAY & NewswireTODAY are NOT affiliated with USA TODAY (