Rabobank targetted again.

Dutch bank Rabobank was this week targetted by a group known as the Conspiracy Cells of Fire, who launched a DDoS attack which brought its Internet Banking service down.

This again highlights the difficulty organisations have in detecting and blocking an attack that is based on the premise of using thousands, sometimes millions, of source machines to simultaneously send requests to a target server. Arbor Networks’ Peakflow SP TMS product provides both detection and mitigation of these attacks, primarily based on its ability to detect anomalies in network traffic and take action in real-time to block the necessary traffic. Previously the Arbor solution worked in conjunction with a Cisco or CheckPoint product to provide the detection and mitigation, respectively. Nowadays, Arbor has built the detection and mitigation into a single product.

For an even more complete security solution, the Arbor product could be deployed in conjunction with IBM Security Network IPS, for example.

Take a look at this video to gain a better understanding of the benefits of the Arbor Peakflow SP TMS product, as explained by one European customer.

Sony suffers second hacker attack.

Sony has suffered another blow to its brand reputation after warning an additional 25 million customers may have had their details stolen in a newly discovered attack by hackers.

The electronics giant has now disabled a second online network, Sony Online Entertainment (SOE), that houses massive multiplayer online (MMO) and Facebook games, after it was found to have been hacked last month.

Sony says personal information of 24.6 million customers including passwords, direct debit records and birthdates may have been stolen in the hack, discovered by its engineers earlier this week.

The techniques used for both recent Sony hacks appear to have been straightforward SQL injection hacks to the Sony database, which could have easily been prevented with basic security measures including Web Application Protection and Data Leakage Prevention (DLP), both of which are available in
IBM Security Network IPS.