E-commerce and financial services will be major victims of sophisticated attacks in 2013, says Gartner
BANGALORE, INDIA: As enterprises expand their business online, they face increased threat of targeted attacks. According to Gartner, 25 pc of distributed denial of service (DDoS) attacks that occur in 2013 would be application-based.
“To combat this risk, enterprises need to revisit their network configurations, and rearchitect them to minimize the damage that can be done,” said Avivah Litan, vice president and distinguished analyst at Gartner. “Organizations that have a critical Web presence and cannot afford relatively lengthy disruptions in online service should employ a layered approach that combines multiple DOS defenses.”
Enterprises subject to DDoS attacks should take steps to mitigate potential damage from these attacks. In particular, Gartner advocates cooperation with industry associations to share intelligence that can be acted on collectively and quickly, as well as enterprise investments in fraud prevention technology and the strengthening of organizational processes.
Gartner recommends deploying layered fraud prevention and identity-proofing techniques to help stop the social engineering attacks from succeeding. In particular, fraud prevention systems that provide user or account behavioral profiling and entity link analysis are useful in these cases. Call center call analytics and fraud prevention software can be deployed to help catch fraudsters committing crimes via social engineering or by using stolen identities. Customers should also be educated on best security practices to help them avoid phishing attacks and social engineering ploys.
During such incidents, attackers send out targeted commands to applications to tax the central processing unit (CPU) and memory and make the application unavailable.
“A new class of damaging DDoS attacks and devious criminal social-engineering ploys were launched against U.S. banks in the second half of 2012, and this will continue in 2013 as well-organized criminal activity takes advantage of weaknesses in people, processes and systems,” said Avivah Litan.