One place for hosting & domains


      Evolving Cyberattacks: Exploring the Changing Cybersecurity Landscape in 2020

      Cyberattacks have been plaguing the top headlines for years and security continues to be a top priority for enterprises across the globe. In fact, when IT pros were asked their top challenges for 2020, protecting their organizations from cyberattacks came in second only to migrating applications to the cloud.

      Many of these pros also noted that cybersecurity would have been a good area to focus on had they known when they entered the field how important security would become. And this is not without reason. Criminals perpetrating cyberattacks keep shifting their strategies to expose new vulnerabilities, and cybersecurity experts are essential to stop these attackers in their tracks.

      As the cybersecurity landscape continues to evolve, it’s crucial to maintain awareness and adjust security strategies accordingly. Let’s explore what’s changing and which attacks are on the rise.

      Targeted Ransomware Attacks

      Public reports from various vendors such as Check Point, Verisign and others all seem to agree that mass ransomware attacks peaked in 2017 and ran through 2018, with 30 percent of businesses and home users affected, according to Checkpoint’s 2020 Cyber Security Report. But a peak doesn’t mean that ransomware attacks are going away, rather, they shifted to more targeted ransomware attacks in 2019.

      Alert Logic notes in their Critical Watch Report that ransomware continues to be a popular cyberattack due to its profitability, simplicity (because it can be conducted from a computer anywhere in the world) and anonymity. Malicious attackers are always adapting to new environments and IT protection strategies. The larger numbers of attacks in 2017 were reported from organizations that received phishing emails containing ransomware software. This technique has a fairly low success rate. With the end goal of a company paying an attacker for encryption keys, there is also low probability that the majority of these organizations would even have the available funds to pay in the first place. A more targeted and sophisticated effort proves to have a much higher success rate.

      Rising Popularity of Cryptojacking

      With ransomware attacks on the decline, cryptojacking—a type of cyberattack in which a hacker secretly uses a target’s computer to mine for cryptocurrency—is seeing a massive rise in popularity. It’s less visible and doesn’t require the same effort as ransomware. One of the many examples of this trend is a cryptojacking attack on a cloud mining service, which took the scripting service offline for weeks and resulted in 65-million-dollars in stolen cryptocurrency. While the company was able to recover most of the currency, cryptojacking attacks continue to deliver potentially business-ending consequences to vulnerable organizations.

      Attackers are evolving to use many of the same exploit measures that spammers and DDoS attackers have been using for years. Gaining control of a machine through known vulnerabilities and using those compromised machines idles computing cycles to join a mining pool.

      There were 52.7 million cryptojacking hits in the first half of 2019. Cryptojacking is a growing threat as we progress into 2020, and we can expect that more and more idle compute resources will be compromised.

      Evolving DDoS Attacks

      DDoS attacks are still a rising method of cyberattack, and just like ransomware attacks morphing into cryptojacking, DDoS attacks are also evolving.

      Neustar’s Q2 and Q3 2019 reports suggest that the attack intensity, measured in Mpps (million packets per second), as well as attack size, measured in Gbps (gigabits per second), is dropping. The average intensity of attacks in 2018 measured at 4.5 Mpps, while the average was 1.3 Mpps. The largest DDoS attack, recorded in 2018, registered at 1.7 Tbps. The average attack size in 2019 was around 7.5 Gbps. This suggests that DDoS attacks are currently undergoing the same process of refinement as ransomware attacks.

      Increasingly sophisticated DDoS attacks are being used not to take a whole service offline with a volumetric attack, but to strategically target specific ports, gateways, services or applications. These attacks require much less traffic to take a service offline, and many times the attack is focused on network degradation as opposed to a downed site event.

      Other Types of Cyberattacks

      While some of these more popular attacks types peaked from 2017 and 2018, a few new forms of attacks are on the rise. Some are using classic tactics, with malicious attackers going back to more simplistic attack styles to exploit areas that may be lightly secured by more corporations. Attacks using web-form hijacking techniques are on the rise, and while it seems as though most companies have adequate controls, JavaScript-based attacks served 16 percent of all global attacks for the first half of 2019.

      JavaScript based attacks are reported only third to EXE and DOC based attacks. While many organizations have defense software or hardware to protect their services on an application level, there may still be gaps in security that allow for vulnerabilities. A failed policy to delete an administrator account after an employee departure, a patch that was never applied to an application or crucial upgrades to software that can’t be implemented due to how the application is developed all can result in an attack.

      Preventing Vulnerabilities

      In 2020, it’s more crucial than ever to update both business and technical security policies. Finding a partner you can trust is an important first step to effectively getting ahead of these evolving attacks, and to navigating and managing the complex tools that will keep your organization safe.

      At INAP, we offer managed security services for all cloud products that extend your team and safeguard critical infrastructure. Do your homework to ensure whichever partner you choose can adequately safeguard your infrastructure solutions, as well as adequately address the evolving cyberattack landscape.

      Explore INAP Managed Security.


      Paul Just


      Source link

      Exploring the Features of Intelligent Monitoring, powered by INAP INblue

      What would you do if you didn’t have to spend time on routine server- or cloud-related maintenance and monitoring?

      According to INAP’s The State of IT infrastructure Management report, a vast majority of IT professionals say they are not spending enough time designing or implementing new solutions, working on expansions or upgrades, or focusing on information security projects. As it stands, 25 percent of participants say they spend too many hours on monitoring, and it’s clear that there’s a desire to set aside the busywork for value-added projects, allowing IT to be a center for innovation, rather than viewed as “purely keeping the lights on” by the company’s senior management.

      Intelligent Monitoring, powered by INAP INblue—a multicloud infrastructure management platform, gives you time for what matters. It’s a premium managed cloud and monitoring service—available today for INAP Bare Metal customers—that raises the bar for managed hosting solutions by ensuring proactive support, service transparency and consistent performance.

      “Infrastructure monitoring strategies are only as good as the actions that follow alerts,” said Jennifer Curry, SVP of Global Cloud Services at INAP. “We built Intelligent Monitoring to not only improve cloud performance and availability, but to set a new benchmark for managed services transparency.”

      In addition to an improved service experience, Managed Bare Metal customers also have access to the same enterprise-grade monitoring and management tools used by INAP technicians, offering functionality and control that will eliminate the need for customers to invest in third-party remote monitoring and management solutions, including remote execution and scripting, unified log management, patch management and automation, and port, service and URL monitoring.

      Let’s take a closer look at the features that make Intelligent Monitoring a one-of-a-kind solution.

      Advanced Monitoring & Action Items

      Built from the ground up with leading technologies like SaltStack and Elastic Beats, the Intelligent Monitoring agent tracks everything from server resource usage to Apache and MySQL connections. The in-depth, proprietary monitoring technology is installed directly onto your server, enabling INAP technicians to respond to alerts before performance degrading issues arise. Default trigger thresholds are chosen by INAP’s support team based on years of data and first-hand expertise. You have full access to all monitoring metrics and can request custom alert triggers, or modifications to trigger thresholds.

      When you log into INblue, the dashboard will give you a snapshot of your server environment through system events called Action Items. If you subscribe to the fully managed Service First edition, these items allow your INAP support team to proactively manage your environment and rapidly respond to alerts. Action Items are triggered in a variety of ways, including when infrastructure or network monitoring thresholds are surpassed, when a critical service shuts down or when a new software patch becomes available.

      Action Items

      Support Remediation Aided by Smart Workflow System

      INAP technicians remediate Action Items using our proprietary Smart Workflow System, which enables fast, accurate and consistent troubleshooting. Here’s a brief look how it works:

      1. The Smart Workflow System defines the Action Item type and initiates appropriate workflow process.
      2. The system automatically creates a support case for the Action Item, pulling historical correlated issue data, trigger metrics and detailed log info.
      3. Using the data and Action Item type, the assigned INAP Service First support technician investigates the issue following a branching series of software-defined and expert-tested remediation steps. Customers may request custom workflows for scenarios unique to their environment.
      4. Upon resolution of the Action Item, your assigned technician will notify you via the Action Item details page and include relevant root cause data.
      5. The Smart Workflow System constantly improves as new system data and insights from INAP experts modify issue definitions and remediation steps.

      On the other side of the glass, the INblue platform is your vehicle for ensuring absolute transparency. At the top of any Action Item details page, you’ll see the INAP technician assigned to the workflow, the current status of the event and tasks they are currently performing or have already performed. You can review information about correlated past issues, metric and log data pinpointing a trigger, and your full support history for any Action Item.

      However, for most Action Items, you won’t have to do a single thing. Intelligent Monitoring’s Smart Workflow System and the INAP Service First support team are on top of every case.

      Patching and Log Management

      Intelligent Monitoring radically simplifies two activities that most IT professionals consider especially tedious: patching and log management.

      The patching update process is streamlined, as all available patches for your server are proactively listed in groups. You can handle this process in one of two ways, depending on how much control you want. You can confirm and schedule the patch to complete the process with INAP support, or—if you want a hands-off approach—you can choose to auto-patch your server daily and your team will receive calendar invites for each scheduled patch.

      Intelligent Monitoring will also save you from manually browsing events by providing a chronological event log for all your servers. Easily filter by server and file path, or dive deep with a keyword search. You’ll be able to accelerate analysis and locate critical information. Plus, the log management feature provides your INAP technicians critical, actionable intelligence to keep your environment compliant and secure.

      Log Management

      Remote Execution and Scripting

      Intelligent Monitoring allows you to easily create and run remote execution scripts to any of your installed servers, giving you a single portal for taking control of your environment. You can choose from scripts you’ve already created and schedule them by inserting a token from your two-factor authentication application. You will automatically receive an email when the script successfully executes.

      If you want to create your own Bash or Powershell scripts, you can do so via the Script Editor, located in the side navigation of the INblue platform.

      Port, Service and URL Monitoring

      Under the Ports tab on any Server Details page, you can review, edit and monitor triggers for your server’s open and closed ports. Port Status changes will be shown in your Action Items list.

      Intelligent Monitoring also allows you to monitor any available services running on your system. You can also stop, start or restart services from the Services tab. For example, you can enable service monitoring on Chron Dee, enabling the auto-restart feature. With this monitoring feature enabled, you can rest assured that if a service ever fails, it will automatically create a new Action Item.

      Looking Ahead

      This is just the beginning for Intelligent Monitoring, powered by the INAP INblue platform. Many more features and capabilities are on the way, but in the meantime, we hope you enjoy exploring the tool and look forward to hearing your feedback.

      Demo INAP Intelligent Monitoring Today


      Laura Vietmeyer


      Source link