
Preventing data theft by combining network and application layer security

18 Jan 2018

Article by Neustar Australian general manager Robin Schmitt

The rise of cloud technologies, internet of things (IoT) and software-defined infrastructures has powered digital transformation, creating vast opportunities for today’s organisations. Similarly, cyber-criminals have taken advantage of the changing landscape, continually increasing the complexity of attacks to achieve unprecedented success.

For instance, looking back to 2015, cyber-criminals might orchestrate a volumetric DDoS attack to overload the network layer, crippling the target and effectively taking the site offline. Defences have improved, yet the changing technology landscape allowed for unprecedented DDoS attack volumes in 2016, passing 1Tbps.

In 2017, cyber-criminals progressively transformed their tactics to achieve even greater levels of success through complex multi-vector attacks, combining network and targeted application layer attacks.

With network layer DDoS attacks (OSI Layers 3 & 4), the aim is to send malicious packets over different network protocols in order to take up all of the target's bandwidth and cause the website to become unavailable due to traffic overload.  

On the other hand, application layer attacks (OSI Layer 7) are caused by a hacker exploiting a specific vulnerability in an existing function within an organisation’s web presence and disabling the function or feature to achieve their objective, often focused on data theft or ransom. Application layer attacks are also the most difficult attacks to detect, providing little warning before creating chaos.   

Combining network and application layer attacks to craft more complex attacks has paid off, rewarding criminals with an increase in network breach and data theft.

This was illustrated by the findings of the latest Neustar research report, ‘Global DDoS Attacks & Cyber Security Insights Report’. The report revealed a massive 27% increase in breach incidents experienced in concert with DDoS attacks, with theft rising to 58%, as compared to 49% last year.

No doubt the upcoming notifiable data breach (NDB) legislation has put an extra level of pressure on Australian businesses to mitigate the threat of inevitable attacks on their network and those directed at the web application layer. With the upcoming implementation of the NDB, organisations across Australia risk losing not only sensitive company and customer data, but millions of dollars in fines.

Protecting against application layer attacks with a Web Application Firewall    

It is encouraging that most businesses seem to have taken the initiative and are starting to invest in proactive defence technologies.

Protection against application-layer threats has increased significantly, with Web Application Firewall (WAF) solution deployments nearly tripling in the past year, according to a recent Neustar report. This rise has solidified the need for protection from what has quite rapidly become the most exploited layer in the network stack.   

Using a WAF can prevent attacks that take advantage of web application security flaws like SQL injections, cross-site scripting and security misconfigurations.

Every second counts when you're under attack and you should have the capacity to neutralise threats fast, without reducing network performance or impacting customers’ experience. A good WAF solution will enhance your response time and not drag it down. It will quickly stop application layer attacks before they can penetrate, disrupt or devastate business operations and brand reputation.

As the incessant stream of bots and breaches continues to grow larger and more frequent, it’s important to reassess your integrated security strategy. Adding the layered protection of a WAF to your current defences will help to fend off exploits, while also enabling you to ensure you aren’t the next organisation to make headlines.
