12
May
2015
Lax Security Opens the Door for Mass Scale Abuse of SOHO Routers

Small Office / Home Office (SOHO) router security has recently become a hot topic. For those who are unfamiliar with the situation, it can best be described as negligent, with ISPs, vendors, and users sharing a long tradition of disregarding basic security practices. The result of this negligence is the existence of hundreds of thousands—more likely millions—of hacker-controlled routers used to attack the Internet ecosystem and interconnected networks.

Several dozen Imperva Incapsula customers were recently targeted by one such DDoS botnet comprised of tens of thousands of hijacked routers. After informing the major companies involved, we are sharing attack details in an attempt to raise awareness about the dangers posed by under-secured, connected devices.

The attacks we will describe are enabled by what we perceive as particularly careless security practices. Many of these botnet devices remain active, continuing to play a role in attack attempts against our clients and other websites, even as this is being written...

Read more »

31
Mar
2015
Shotgun DDoS Attacks Originating from Anonymous Proxies

The idea behind these attacks is to leverage a large number of open proxies to turn a single-source DoS attack into a distributed one (DDoS), making it much harder to mitigate.

In such attacks, the perpetrator’s first step is to harvest a list of publicly available proxy servers, using a DYI script of one of many list or tools available online.

Next, using a modified version of DoS toolkit or homebrew DoS script the perpetrator sends out a slew of malicious request through each of the harvested IPs...

Read more »


05
Mar
2015
Why DDoSers Have Their Eyes on SaaS, and What You Can Do About It

In recent years Software as a Service (SaaS) emerged as one of the most targeted online industries. This isn’t particularly surprising as, for several key reasons, SaaS companies are especially vulnerable to DDoS attacks.

In this post we’ll talk about:

  • What makes SaaS companies so attractive to perpetrators
  • What are the typical DDoS threats SaaS companies have to face
  • Basic steps SaaS companies should take to minimize the threat
Read more »

26
Feb
2015
Layer 7 Visibility - Beyond the Buzzword

As a website operator you’ve probably heard vendors, including Incapsula, mention the benefits of layer 7 visibility. However, you may not have ever received a clear explanation as to why it is important to your organization.

In this post, we’ll go beyond buzzwords and delve into the advantages of layer 7 visibility as a DevOps tool used for load balancing and DDoS mitigation.

Read more »

19
Feb
2015
Free IPv6 Support for All Incapsula Clients

With this upgrade, Incapsula can be used as a backward and forward-compatible IPv6-to-IPv4 gateway that supports all IPv6 communication scenarios.

Backward and forward-compatible IPv6-to-IPv4 gateway

This has two main benefits:

  • Free IPv6 for everyone – Adding to its security, availability and acceleration capabilities, Incapsula can now be used as a plug-and-play IPv6 compatibility solution.
    Any website operator in need of IPv6 support can now skip the resource and time-intensive upgrade by using Incapsula’s free Content Delivery Network (CDN) to seamlessly facilitate all IPv6-to-IPv4 communications.
  • Better Compliance – With its newly developed ability to handle end-to-end IPv6 communications, Incapsula is now fully compliant with regulatory demands calling for IPv6 support (e.g., DAE Action 89).
    This not only addresses a commonly expressed need for existing Incapsula clients, but also opens the door for new and existing business opportunities in government and enterprise sectors.

Read more »

11
Feb
2015
Introducing our New System Status Page

Today we are happy to announce the launch of our new system status page, which helps our clients track Incapsula network status worldwide, including server health and software updates.

This new system provides real-time visibility of the condition of Incapsula’s global network, offering our clients centralized updates on:

  • System Status – Allows you to confirm the availability of all Incapsula data centers and granularly observe the current status of the Incapsula management console and API on each and every Incapsula PoP.
  • Outages and Incidents – Helps keep track of major network events that may potentially impact your own service.
  • Patching and Maintenance – Provides information about Incapsula maintenance cycles and major security patches.

Incapsula’s enterprise clients can also subscribe to receive real-time network status notifications, available via SMS or Email.

Read more »

29
Jan
2015
New Data Center Goes Live in Zurich Switzerland. Total Network Capacity Surpasses 1Tbps.

This week we are happy to announce the activation of Incapsula’s 21st data center in Zurich, Switzerland. With this deployment Incapsula achieves a firm local presence that enables clients to comply with the strict demands of Swiss privacy laws and Swiss federal data protection regulations (DPA).

The Zurich deployment culminates an extensive network-wide upgrade, during which we expanded the capacity of existing data centers to further improve Incapsula's resilience against large-scale DDoS attacks.

With the conclusion of 2014’s upgrade cycle, and with the additional muscle provided by this new Zurich facility, Incapsula’s overall network capacity now surpasses 1Tbps.

Read more »

22
Jan
2015
2014 Bot Traffic Report

Load balancing is a critical function for online organizations needing to cost-effectively scale their operations. This technology distributes traffic and application loads across multiple servers, while also ensuring business continuity via automatic failover processes.

Solutions are abundant, and evaluating which one best fits your infrastructure, availability, and growth requirements is no simple matter. Incapsula’s new How to Choose a Load Balancing Solution guide helps you with this process. It addresses several key questions, including:

  • What are the essential characteristics of today’s load balancing technologies?
  • What are the key criteria for selecting a load balancing solution?
  • Which distribution methods are best suited for your IT environment?
  • Which solutions offer cost-effective scalability, and at what trade-off degree?
  • Which solutions are most compatible with hybrid or cloud environments?

Written by industry experts, Incapsula offers you the 18-page document as a free download, with the intention of helping you reach an effective data-driven purchase decision.

Read more »

18
Dec
2014
2014 Bot Traffic Report

As Incapsula’s prior annual reports have shown, bots are the Internet’s silent majority. Behind the scenes, billions of these software agents shape our web experience by influencing the way we learn, trade, work, let loose, and interact with each other online.

Bots are also often designed for mischief, however. In fact, many of them are used for some kind of malicious activity—including mass-scale hack attacks, DDoS floods, spam schemes, and click-fraud campaigns.

For the third year running, Incapsula is publishing our annual Bot Traffic Report—a statistical study examining the typically-transparent flow of bot traffic on the Web. This year we build upon our previous findings to report year-to-year bot traffic trends. We also dig deeper into Incapsula’s database to reveal an even more substantial data sample, providing new insights into bot activity.

Read more »