As we know, IT folks are always looking for proof of their security effectiveness. Juniper Networks is no exception. We’re constantly under attack by scripts, suspicious users, and malicious attackers. And in this Juniper-on-Juniper white paper, we offer a glimpse into how our Web applications are under constant bombardment from low-level scripts to sophisticated attackers. We collected this case study data from the deployments of WebApp Secure, which uses our unique intrusion deception technology to detect, track, profile, and prevent hackers in real time.
Three key standouts of the study:
- The hacking superpowers are visible. IP addresses registered in the U.S. and China are the hacking superpowers in terms of volume, accounting for 73.4% of all attackers detected. China accounts for 45.65% of all attackers on Juniper’s Web apps.
- Changing the economics of hacking matters. There is a finite amount of time that an attacker will attack a Web app. The duration differs for each website and depends on the number of pages, the sophistication of the site content, and the value of the data behind the site. For example, for one site that was smaller in scale with fewer pages to attack, the average duration of attacks was only eight minutes. On another much larger site, the average duration of the attack was three hours per attacker. This suggests that if you protect the Web app long enough, the attacker will move on to other targets.
- Deception is being used by attackers. Attackers are altering their profiles to mask the real tools they use. For example, the higher than normal proportion of Windows XP and Internet Explorer users indicates that attackers are providing fake information to the sites they visit. Interestingly, this deceptive tactic makes these attackers stand out from the crowd for those who are trying to defeat them.
Check out this white paper to get a better understanding of today’s challenging attack landscape, and to learn what you can do to better mitigate and even eliminate these risks.