Attacks on encrypted web services have become increasingly common in recent years, hence the importance of increasing the security of online data.
Encryption is one of the most basic necessities in the security arsenal. It’s what makes it possible for banks to offer online banking and funds transfers, or for consumers to make purchases online using their credit or debit cards. It’s what protects the public’s online interaction with government agencies or health care providers. It should surprise no one, however, that encrypted services are prime targets of DDoS attacks. Such services enable access to a wealth of personal, confidential, and financial data. Identity thieves and cyber criminals can have a field day if they succeed in breaking web service encryption.
But… how many cyber-criminals access encrypted web services?
To answer this question, our partner Netscout, a leader in cyber security assurance and business intelligence solutions, conducted a study in which they explain , attacks targeting encrypted web services have become increasingly common in recent years. Among enterprise, government, and education (EGE) respondents, 53% of detected attacks targeted encrypted services at the application layer. And 42% of respondents experienced attacks targeting the TLS/SSL (Transport Layer Security/Secure Socket Layer) protocol governing client-server authentication and secure communications. Among service providers, the percentage seeing attacks targeting secure web services (HTTPS) rose significantly over the previous year, from 52% to 61%.
With this data you will ask yourself: How do attacks on encrypted web services occur and how many types are there?
DDoS attacks targeting encrypted services tend to fall into four categories:
- Attacks that target the SSL/TLS negotiation, commonly known as the “handshake,” which determines how two parties to an internet connection will encrypt their communications.
- Protocol or connection attacks against SSL service ports, which seek to exploit SSL vulnerabilities.
- Volumetric attacks targeting SSL/TLS service ports, which overwhelm port capacity with high volume traffic floods.
- Application-layer attacks against underlying service running over SSL/TLS.
Attackers are unrelenting in their assaults on high-value encrypted targets. Given the critical nature of most encrypted applications and services, a single successful attack can have devastating consequences. The breadth, variety, and escalation of attacks on secure web services heightens the need for a multi-layered defensive posture, with capabilities to detect and mitigate the full range of today’s attack types.
Up to this point they are all bad news, so it is necessary to look for solutions to prevent attacks against encrypted web services.
A positive conclusion from the Netscout report is that both service providers and enterprises are recognizing that traditional firewalls and intrusion prevention systems are insufficient in confronting sophisticated DDoS attacks – particularly encrypted attacks targeting encrypted services. Encryption is essential, but cannot be relied upon on its own to thwart determined and sophisticated attackers. Operators and hosts of secure web services increasingly recognize the need for purpose-built Intelligent DDoS Mitigation Systems (IDMS) as the only effective option for mitigating DDoS attacks. Best practices call for a layered approach combining always-on, on-premise defenses with cloud-based mitigation capabilities that activate automatically based on the size and nature of the threat.
At Ayscom we have the experience and support to help you defend the different areas of the network and web services from the different types of existing threats, as well as continually updating and verifying the protection against new threats that arise every day.
If you would like more information about this service or others related to this subject, you can write to us at firstname.lastname@example.org and we will be happy to help you.
Source: Netscout, Attacks on encrypted services.