
Features

Keeping off DDOS attacks


Enterprise businesses have been facing DDoS attacks that are rising in size, complexity and frequency, which calls for a multi-layered approach

Distributed denial-of-service (DDoS) attacks are a strategy frequently used by cyber criminals to disrupt businesses. The impact of a DDoS attack can be quite disastrous for a company’s business. An attack is executed by using all possible devices with an IP address to send a traffic overload to a targeted network. The targeted network’s systems are unable to accommodate the traffic that is being directed at them and go down. As DDoS is one of the prominent areas of an ever-evolving landscape of cyber security threats, the need for advanced detection and mitigation solutions is quite critical.

Mahmoud Samy, Regional Director, ME R CIS at Arbor, the security division of NETSCOUT says, “When you talk to CIOs, CTOs etc, they are unanimous that DDoS is one aspect they cannot compromise with. That is because a DDoS attack affects a company’s financials, reputation, credibility of service etc. While there may still be time taken to mull over other security aspects and strategies, as far as DDoS protection is concerned, you have to be ready to thwart potential DDoS attacks from day one. Hence there cannot be any compromise. It has to be top of the list priority.”

Global DDoS attack data for the first six months of 2016 shows a continuing escalation in both the size and frequency of attacks, according to data gathered through ATLAS, a collaborative partnership with more than 330 service provider customers who share anonymous traffic data with Arbor in order to deliver a comprehensive, aggregated view of global traffic and threats. ATLAS provides the data for the Digital Attack Map, a visualization of global attack traffic created in collaboration with Google Ideas.

In recent years, enterprise businesses have been facing DDoS attacks that are rising in size, complexity and frequency. With DDoS tools available for free download or purchase online, almost anyone with minimal technical skills can pull off an attack on a target’s web assets. However, there can be a variety of reasons behind a DDoS attack, including diversionary tactics.

Mahmoud says, “Success could be 100% from a DDoS attack on an organization that doesn’t have the protection. Protection has to be in place before an event. Attackers can reach their objectives in no time, if there is no protection. There are also simple do it yourself DDoS attacks available on Internet which makes it easier to launch DDoS attacks.”

He adds, “The attacks could come in different look and feel. They could be volumetric attacks, application attacks or exhausting attacks. Volumetric attack is a flood of traffic targeted to a destination whereas application attacks target a specific application to take it down. Exhausting attacks target security devices – they try and convert the devices that are meant to defend to launch attacks or be the gateway of attacks. Some attacks can be a combination of the three.”

Chris Gale, EMEA Partner Director at A10 Networks, opines that these attacks could arise from hit-and-run strategies orchestrated by untrained individuals or hackers.

According to him, “Considering these attacks are typically the least organized, and pulled off by the least technical individuals, they are the easiest to prevent. Unskilled troublemakers typically will use a paid service to pull off the attacks, making it costly to sustain long-term. By optimizing your network configuration, and utilizing technology with robust load balancing capabilities, the risks posed by these attacks are greatly minimized.”

The attacks could also have origins in political protests or could even be traced to competitors looking to hurt the financials of the company. An attack may also be a diversionary tactic that keeps the attention of IT staff on DDoS mitigation while the cyber criminals execute a more serious incursion into the network.

Chris opines that the fact that a DDoS attack is being used as a smokescreen for a larger security incident is often not realized until it’s too late. The best defense therefore is to ensure that all normal cybersecurity processes continue in the wake of an attack and never to assume the worst is over. Finally, the origin of the attack may also lie in an effort at extracting ransom from businesses that can’t afford downtime on their systems for protracted periods.

In the era of IoT devices, the threat factor is manifold. The most recent instance is the DDoS attack last month against Dyn, a New Hampshire-based company that hosts DNS zones for many companies. The DDoS attack used the Mirai botnet, which consists of thousands of compromised “Internet of Things” devices, including IP cameras and digital video recorders. The DDoS attack sent enormous volumes of traffic, most of it not DNS, to Dyn’s name servers, overwhelming them and rendering them unable to respond to legitimate queries. The result was that many of Dyn’s customers were unreachable from the Internet, including high-profile companies such as Twitter, Amazon, Netflix and Reddit.

Providing an insight into what enterprises in the Middle East can do to withstand such an attack, Cherif Sleiman, Managing Director, Middle East and Africa at Infoblox says, “Infoblox’s best practices recommend using a combination of on-premises appliances and a DNS hosting provider to support external authoritative name service. A customer following this recommendation would have withstood the attack against Dyn, as their on-premises authoritative name servers would have been accessible throughout the attack.”

Cherif adds, “Infoblox provides the instrumentation and capabilities underneath the network intelligence where we can uncover insights across your network, security, datacenter layers and the cloud. We are trying to reduce the latency between the time it takes to discover something is amiss and the action that solves the issue.”

In the region, Telecom providers are also playing a significant role in ensuring DDoS protection and driving awareness in their role as MSSPs.

“Service providers are also helping promote the role of DDoS security and they are selling it as a managed service. They have to ensure that their major customers are protected; otherwise the problems could multiply. We have partnered with service providers including Etisalat, STC and du who use our solutions and they are in turn providing DDoS solutions as managed services to the enterprise market, including key verticals such as Financial sector, oil & gas, government sector etc,” says Arbor’s Mahmoud.

Research Team (ASERT) and reportedly, LizardStresser, an IoT botnet was used to launch attacks as large as 400Gbps targeting gaming sites worldwide, Brazilian financial institutions, ISPs and government institutions. In this case, according to ASERT, the attack packets do not appear to be from spoofed source addresses – and no UDP (User Datagram Protocol) based amplification protocols such as NTP (Network Time Protocol) or SNMP were used.

The ASERT report documented that a majority of recent large attacks leverage the reflection amplification technique using DNS servers, NTP, Chargen and Simple Service Discovery Protocol (SSDP). DNS is currently seen as the most prevalent protocol used in 2016 and, adding more cause for concern, the average size of DNS reflection amplification attacks has been growing. Further, while even a 1 Gbps DDoS attack is arguably enough to take most organizations completely offline, the average attack size in 1H 2016 had reached 986 Mbps, a 30% increase over 2015, and is projected to be 1.15 Gbps by end of 2016.

Since the range of attacks is quite varied, from high bandwidth to as low as 1 Gbps, the need is for a hybrid, or multi-layer DDoS defense. According to Darren Anstee, Arbor Networks Chief Security Technologist, high bandwidth attacks are best mitigated in the cloud, away from the intended target.  However, 80% of all attacks are still less than 1Gbps and 90% last less than one hour and therefore on-premise protection provides the rapid reaction needed and is key against “low and slow” application-layer attacks, as well as state exhaustion attacks targeting infrastructure such as firewalls and IPS.

Offering protection against volumetric flood of data, a key identifier of a DDoS attack, A10 Networks offers Threat Protect System (TPS) appliances and has recently unveiled the latest edition products.

According to Adil Baghir, Sr. Systems Engineer at A10 Networks, many of the available solutions are arguably limited in terms of DDoS mitigation performance and A10 Networks is seeking to address these shortcomings with its latest TPS. The manufacturer’s new group of TPS appliances unveiled in October, provides up to 300 Gbps of DDoS protection in a single box. The top-end device is the new Thunder 14045, which is a 3 RU (rack unit) appliance powered by four 18-core Intel Xeon processors.

Adil adds, “Many existing solutions introduce high latency into the networks and also offer very limited deployment options. We are addressing these issues with our latest launch in October of the new TPS appliances which offer the fastest DDoS mitigation solution offering from 1 Gbps to 300 Gbps throughput DDoS mitigation.”

While more awareness is building up in the market about the evolving nature of DDoS threats, more companies in the region could look into having the right solutions in place. The role of the channel in driving awareness goes hand in hand with vendors who have been at the forefront of DDoS technologies.

Mahmoud adds, “The awareness in the market about DDoS is getting better compared to 4-5 years ago. Arbor has been educating the market regarding DDoS threats for nearly 15 years now. In the early years, no one else was talking of DDoS but that has changed in the past few years. Almost every CIO is talking about it which goes to prove that the awareness is now a lot better.”

Finally, a multi-layered approach is key to having the best chance against staving off such attacks. A no-compromise approach should be the mantra towards securing effectively against DDoS attacks.

 


Why and how to Invest in Technology for Financial Efficiency in Restaurants


By Naji Haddad, VP – EMEA at Deliverect

In today’s competitive market, staying ahead of the curve with essential cutting-edge technology is crucial for restaurants to thrive. Modern technology is transforming every facet of the restaurant business. From automating tasks with robotics to utilizing software for inventory management and customer service, these solutions empower restaurants to operate more efficiently and profitably, reshaping the entire industry.

Nowadays, new restaurants, ghost kitchens, and virtual food brands are popping up at every corner, making our industry the most competitive it has ever been; using the right tech is the way to reduce financial waste and elevate financial efficiency in the coming years.

Consolidating tech into a Comprehensive Solution

While tech integration is crucial, it shouldn’t burden restaurants with excessive costs or complexity. Many restaurants make the mistake of overinvesting in new software and even hardware solutions without first analyzing their needs, goals, and focus areas.

For example, one of the major focus areas for any growth-oriented restaurant would be to consolidate its tech and use a solution to seamlessly aggregate online orders, manage menus, track data, and reduce redundancy across your Point-of-Sale (POS) system.

This streamlines workflows and provides a unified overview of all incoming orders, especially for restaurants with multiple sales channels.

Always aim for a lean tech operation where you use only a handful of critical tools that provide as much bang for your buck as possible.

Protection of Revenue: Reducing Failed Orders

One of the critical aspects of financial efficiency in restaurants is reducing failed orders. This not only affects revenue but also customer satisfaction and loyalty. Having a solution that seamlessly integrates all your equipment, from online ordering systems to kitchen appliances, helps in reducing errors and ensuring orders are fulfilled accurately and on time.

By leveraging technology to streamline order processing, track inventory in real-time, and minimize manual errors, restaurants can protect their revenue by avoiding costly mistakes that lead to dissatisfied customers and lost sales opportunities.

Moreover, implementing predictive analytics and machine learning algorithms can further enhance order accuracy and reduce the risk of errors, contributing to improved revenue protection and customer experience.

Financial Tracking: A Cornerstone for Success

Effective financial management is paramount. Beyond tracking revenue and sales, restaurants require meticulous expense management and year-round financial analysis.

Financial monitoring and meticulous analysis are the foundational pillars of data-driven decision-making in this business, giving you a competitive edge. It all starts with the right accounting software that will provide you with a comprehensive overview of your accounts receivable and accounts payable, along with detailed reports.

This software should provide comprehensive overviews of accounts receivable and payable and detailed, granular reports – both at the micro and macro levels – to identify seasonal and annual cash flow trends.

Using Technology to Optimise Labor Costs

Everything is becoming more expensive. From logistics, food, packaging, equipment, and compliance to labour, training, and talent retention, restaurant owners desperately seek ways to cut their expenses.

Task automation is key to optimizing labor costs in restaurants. By automating repetitive tasks such as order processing, inventory management, and reporting, staff can focus on higher-value activities like customer service, menu innovation, and strategic planning.

Automated scheduling tools can also help in optimizing labor allocation based on demand patterns, ensuring adequate staffing levels without unnecessary overtime or understaffing situations. This not only improves operational efficiency but also enhances employee satisfaction and reduces turnover rates.

Investing in staff training on using these automated tools effectively can further maximize their impact on labor cost optimization and overall business performance.

Investing in the Future

The restaurant industry is becoming more competitive than ever, but that doesn’t mean that small businesses or up-and-coming brands can’t build long-term success and stability. By embracing technology for operational efficiency, cost optimisation, and strategic growth, restaurants of all sizes can thrive with this competitive edge in 2024 and beyond.

Robust patch management. In the fight against ransomware, it’s time to get back to basics


By Saeed Abbasi, Product Manager, Vulnerability Research, Qualys Threat Research Unit (TRU)

In the Arab Gulf region, ransomware has become an epidemic. Since 2019, Saudi Arabia has been a top target for RansomOps gangs. And the GCC remained the most affected territory in the Middle East and Africa, as of 2023, showing a 65% increase over 2022 for instances of victims’ information being posted to data-leak sites. According to the Known Exploited Vulnerabilities (KEV) catalog, maintained by the Cybersecurity and Infrastructure Security Agency (CISA) under the U.S. Department of Homeland Security, approximately 20% of the 1,117 exploited vulnerabilities are linked to known ransomware campaigns. Attackers have become more relentless and more sophisticated, just as regional security teams have become more overworked and overwhelmed by their new hybrid infrastructures.

In today’s climate, senior executives approach discussions about cyber risk with the expectation of hearing unfavorable news. Indeed, matters have escalated of late with the emergence of human-mimicking AI. We used to take comfort in the fact that at least artificial intelligence could not be creative like people could. But that was before generative AI came along and left us speechless — with delight or dread, depending on our day job. For security professionals, it is the latter because every new technology that arrives will eventually get exploited by threat actors. AI and its generative subspecies can make it easier to find vulnerabilities, which implies there will be a surge in the volume of zero-days. And GenAI can pump out convincing phishing content at a scale unreachable by human criminals.

But in a break with tradition, I offer good news. In the daily struggle with ransomware threats, the answer lies in the daily fundamentals of IT admin. Patch management is the keystone of cyber resilience. As each vulnerability becomes known and fixes are released, that dreaded countdown begins again. Whether threat actors have beaten vendors to the punch by publishing an exploit before the patch was released or not, organizations must be prepared to act strategically when fixes become available. It may be that a patch fixes an error that poses no risk to the enterprise, in which case patching would not have much impact on reducing cyber risk. Hence, organizations need to look at prioritizing patching the assets that cause the most existential risk to the company, maximizing their patch rate (a measure of how effectively vulnerabilities are addressed) and minimizing their mean time to remediation (MTTR) for such “crown jewel” assets.

Windows mean doors

The Qualys Threat Research Unit (TRU) uses these metrics often in anonymized studies of organizations’ cyber-readiness. Our 2023 Qualys TruRisk Research Report found that weaponized vulnerabilities are patched within 30.6 days in 57.7% of cases, whereas attackers typically publish exploits for the same flaws inside just 19.5 days. That 11-day window is where our concerns should be concentrated. It should spur us to revisit patch management and — if we have not already — to integrate it into our cybersecurity strategy so we can start to close our open doors to attackers.

If we imagine a graph of MTTR plotted against patch rate for every vulnerability, then we can imagine four quadrants, defined by combinations of “high” or “low” for our two metrics. Our sweet spot is in the bottom right-hand corner, where patch rate is high and MTTR is low. We could call this quadrant the “Optimal Security Zone”. If a vulnerability is in this zone, we are unfazed by it. It is low-risk because it is patched and resolved quickly. In the top right, we find that patch rate is still high but incidents take a longer time to remediate (high MTTR), so we call this the “Vigilant Alert Zone”. While this is a greater source of concern, it is less worrying than if a vulnerability falls in the bottom left quadrant — the “Underestimated Risk Zone”. Here, we find overlooked vulnerabilities (low patch rates) but unexpectedly short remediation times. These flaws can quickly become risks if left unaddressed. Finally, we come to our red-flag quadrant, the “Critical Attention Zone” (top left), where vulnerabilities have low patch rates and take a long time to resolve.

Combining metrics like this can give us important crossover information that allows us to triage our patch management effectively. By exploring the critical areas first, we can examine overlooked vulnerabilities and discover either that they pose little threat and are less of a source of concern, or that they could lead to a ransomware incident, in which case they become a top priority on our to-do list. With RansomOps groups now leveraging advanced automation tools, the importance of optimal patch management cannot be overstated. Ensuring that systems are updated and secure is critical to prevent potential vulnerabilities.
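The four-quadrant triage described above can be computed directly from remediation records. The following is an added example, not code from the article or from Qualys; the record layout, the VULN-x identifiers and the two cut-offs (80% patch rate, and the article's 19.5-day exploit figure reused as the MTTR boundary) are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from statistics import mean
from typing import Optional

# Assumed cut-offs: the article only speaks of "high" and "low".
PATCH_RATE_HIGH = 0.80  # share of detections that have been remediated
MTTR_LOW_DAYS = 19.5    # article's average time to a published exploit

# Triage order implied by the article, most urgent first.
ZONE_ORDER = ["Critical Attention Zone", "Underestimated Risk Zone",
              "Vigilant Alert Zone", "Optimal Security Zone"]

@dataclass(frozen=True)
class Detection:
    vuln_id: str              # constructed placeholder, not a real CVE
    asset: str
    detected: date
    patched: Optional[date]   # None means the finding is still open

def metrics(detections):
    """Return {vuln_id: (patch_rate, mttr_days)}; mttr is None if nothing is patched."""
    by_vuln = {}
    for d in detections:
        by_vuln.setdefault(d.vuln_id, []).append(d)
    out = {}
    for vid, rows in by_vuln.items():
        closed = [(r.patched - r.detected).days for r in rows if r.patched is not None]
        out[vid] = (len(closed) / len(rows), mean(closed) if closed else None)
    return out

def zone(rate, mttr):
    """Map one vulnerability's two metrics onto the article's quadrant names."""
    high_rate = rate >= PATCH_RATE_HIGH
    # With no closed findings there is no MTTR to credit, so treat it as slow.
    low_mttr = mttr is not None and mttr <= MTTR_LOW_DAYS
    if high_rate and low_mttr:
        return "Optimal Security Zone"
    if high_rate:
        return "Vigilant Alert Zone"
    if low_mttr:
        return "Underestimated Risk Zone"
    return "Critical Attention Zone"

def triage(detections, ransomware_linked=frozenset()):
    """Rows of (vuln_id, zone, patch_rate, mttr), worst zone first.
    Inside a zone, ransomware-linked flaws lead, then the lowest patch rate."""
    rows = [(vid, zone(rate, mttr), rate, mttr)
            for vid, (rate, mttr) in metrics(detections).items()]
    rows.sort(key=lambda r: (ZONE_ORDER.index(r[1]),
                             r[0] not in ransomware_linked, r[2]))
    return rows

def sample_detections():
    """Constructed data: days from detection to patch per asset (None = open)."""
    start = date(2024, 1, 1)
    spec = {
        "VULN-A": [5, 7, 10, 3, 5],
        "VULN-B": [30, 40, 35, 35, None],
        "VULN-C": [4, None, None, None],
        "VULN-D": [60, None, None, None],
        "VULN-E": [None, None],
    }
    return [Detection(vid, f"host-{i}", start,
                      None if n is None else start + timedelta(days=n))
            for vid, days in spec.items() for i, n in enumerate(days)]

if __name__ == "__main__":
    # VULN-E is marked ransomware-linked here as a constructed assumption.
    for vid, z, rate, mttr in triage(sample_detections(), {"VULN-E"}):
        print(f"{vid}  {z:<26} patch rate {rate:.0%}  MTTR {mttr}")
```

Restricting the input to detections on "crown jewel" assets gives the prioritized view the article recommends.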

Action stations

Starting today, then, GCC organizations should look to their vulnerability management strategy and determine an approach that is able to stand up to armies of threat actors, working as a unified industry, equipped with advanced AI, to disrupt, disable, and damage the region’s innovative spirit. We all need to make sure that our vulnerability gaps are closed and our defenses tightened against these malicious actors. Technical and business stakeholders must collaborate on crafting roadmaps that make sense to their operational uniqueness.

The hope remains that one day, cyber criminals, a persistent threat today, will be effectively countered by innovative security technologies. However, we must confront the fact that attackers are becoming more sophisticated, their campaigns are escalating in scope, and the resources available for cybersecurity defense are often constrained.

The solution does not lie in an unknowable panacea, but in the day-to-day fundamentals — robust patch management that uses the four-quadrant principle and aims for the highest possible patch rate and the shortest possible resolution time. The top practitioners in any field — sports, business, the arts — will always extol the virtues of the fundamentals. If it works for them, then why not for us? So, let’s get back to basics and send the ransomware actor packing.


Sustainable Investing: Balancing Profit And Purpose


By Joseph El Am, General Manager, MENA, StashAway

The climate crisis is the defining challenge of our time. The first half of 2024 saw temperatures reach a 175-year record, clearly illustrating the urgency of the situation. It’s often said that everyone, as individuals, can and should vote with their wallets – something that goes beyond choosing sustainable products to encompass sustainable investing.

As the magnitude of climate change continues to grow, investor interest in sustainable investing has also risen, with over half of global investors planning to increase their sustainable investments in the next 12 months. ESG investing is one way individuals can help promote a more sustainable, just, and equitable world by supporting companies that are accountable for their environmental impact, socially responsible, and committed to fair and transparent business practices. Still, for most investors, financial returns remain the main priority – which raises the question: Is it possible to balance profit with purpose?

WHAT IS SUSTAINABLE INVESTING?

As a starting point, let’s first look at what sustainable investing actually means. Firstly, there’s ESG investing, which considers the environmental, social, and governance (ESG) factors of a company. It gives investors a framework to assess how sustainable and long-lasting an investment is likely to be.

ESG is practical because its framework can help investors identify future-proof companies. Investors can use ESG to help them avoid investing in companies that engage in risky or short-sighted behavior, which can cost a company and its shareholders more. Indeed, studies have shown that companies with strong ESG performance tend to outperform their peers in the long term. A 2023 McKinsey study found that companies that deliver strong performance in both financial and ESG metrics deliver 2% higher annual excess total shareholder return than those that excel only in financial metrics.

ESG INVESTING ISN’T ALWAYS THAT STRAIGHTFORWARD

While the benefits of ESG investing are clear, the road towards it can be difficult to map out. The way in which we define and regulate ESG is often complicated by the challenges of measuring ESG criteria. Environmental and social practices aren’t universally regulated nor quantifiable in financial terms yet. For example, there’s still no universal standard for measuring the harm a company causes its workers or to which extent a company is responsible for its supply chain. These factors make regulating ESG difficult compared to traditional investing, which has established standards on financial reporting. The limitations of reporting ESG data are often a key barrier holding investors back from making sustainable investments.

While the way experts define and regulate ESG will likely evolve as we seek out better means of measurement, institutions have already developed ESG scoring to help fund managers build ESG-friendly portfolios. MSCI and Morningstar, for example, designate ESG ratings based on how a company manages its ESG risks compared to other companies within the same industry. Such industry-recognized ESG scoring models can help investors make well-informed decisions that align with their values. Our Responsible Investing Portfolio, for instance, uses both the MSCI ESG rating and the Morningstar Sustainability Rating to provide an average of the two scoring models, offering environmentally conscious investors better visibility into their portfolios.

INVESTING IN THE FUTURE OF CLEANTECH

Thematic investing in environmental tech is another way to invest in companies that help shape a cleaner and greener world. While ESG investing looks at a broad range of companies across industries and considers additional factors like diversity and social responsibility, thematic investing can focus specifically on the environment industry, from renewable energy to smart grids and waste management technologies. The environment tech sector is expected to see significant growth in the coming years, driven by net-zero emissions goals by governments around the world and technological advancements. Take clean energy for example – the International Energy Agency found that global clean energy investment has increased by nearly 50% from 2019 to 2023, reaching USD $1.8 trillion last year. In the Middle East region, countries have pledged to add 62GW of renewable energy capacity over the next five years – a pace of growth that is more than three times the previous five-year period.

As advancements in AI take the world by storm and drive energy consumption, the need to invest and build up our renewable energy capacity will likely only accelerate further. Investing in such cleantech sectors allows investors to not just make a positive impact on our planet and societies, but also diversify their portfolio with exposure to technologies with high-growth potential.

RESPONSIBLE INVESTING THAT SUITS YOUR PERSONAL GOALS

We’ve discussed the different ways to invest with sustainability in mind, and how such environmentally responsible investments don’t have to come at the expense of long-term returns. Even so, how each individual approaches sustainable investing will still depend on your financial goals and risk appetite (as always!). For those just starting their financial journey, consider a well-diversified portfolio optimized for both performance and ESG. Building such a core investment portfolio as a foundation can help you work towards long-term financial goals, such as saving for retirement. On the other hand, investors ready to diversify further and gain greater exposure to new sectors can look at thematic portfolios with a focus on environment and cleantech. Whichever path you choose, it’s clear that sustainable investing can balance both profit and purpose, while staying in alignment with your financial goals.


Copyright © 2023 | The Integrator