The F5 Security Top 16 of 2016
2016 has been a year to remember when it comes to security (though perhaps also one that many would prefer to forget). Between data breaches, ransomware, hacktivism, zero day vulnerabilities, and DDoS attacks, no one’s information felt as safe as it did in 2015. Additionally, quite a few predictors suggest that these security trends will continue making headlines in the year to come…
But before looking to the future, let’s first relive F5’s year in security for 2016. Below are highlights from a year’s worth of blogs, articles, videos, threat research, and other F5 content. Enjoy!
.jpg)
#1 – The Mirai IoT Botnet Attack – It was only just the beginning in October when our F5 Labs team dissected the initial massive Mirai botnet attack and warned of the potential of future attacks. Of course, Mirai continued to wreak havoc and take advantage of vulnerable IoT devices.
#2 – Later in October, F5 Security Evangelist David Holmes wrote an in-depth round-up – Making Sense of the Last Month of DDoS Attacks – after the stretch of DDoS attacks targeting Krebs on Security, OVH hosting company, and Dyn. Holmes also provided guidance for those interested in improving their resiliency.
#3 – With the introduction of the new BIG-IP iSeries, we tested our new offering against our competitors in regard to SSL performance and the iSeries performed five times faster than comparable devices. Check out our write-up, “F5 BIG-IP iSeries Crushes Citrix and A10 SSL Performance.”
#4 – Before the DDoS attacks in the fall, we showcased the power of F5 Silverline DDoS Protection, as our solution was able to mitigate a 448 Gbps attack in June. Read through the whole report and additional insights from our F5 Security Operations Center in this article.
#5 – On the more technical side, F5’s Brian McHenry penned a blog in DevCentral on Full Stack Security, highlighting the uniquely positioned BIG-IP platform and why it makes sense as a full-proxy security solution.
#6 – In August, F5’s CISO Mike Convertino shared our first annual State of Application Security report. The report, conducted in partnership with the Ponemon Institute, addressed Application Security in the Changing Risk Landscape.
#7 – F5 WAF in Azure Security Center – This summer, we were excited to launch a turnkey WAF (web application firewall) solution in the Microsoft Azure Security Center. The F5 WAF solution for Azure helps enterprises meet compliance requirements and protect their assets against new and existing application threats and DDoS attacks.
#8 – In November, our F5 Labs team produced a research report on the financial malware called TrickBot. At the time, the team predicted the evolution of the malware and potential targets expanding. This was proved correct in an updated post on TrickBot in December, as the malware targeted one of Germany’s largest banking groups.
#9 – On Halloween, David Holmes delivered a treat in the form of an iRule coded to kill the Mirai IoT botnet processes from your F5 product/solution. Check it out on DevCentral, “Mirai Strikeback.”
#10 – Also on the technical side, F5’s Lori MacVittie discussed the rift between DevOps and NetOps when it comes to security on DevCentral with “Clash of Ops: How Security Turns Stateless into Stateful.”
#11 – Looking for a comprehensive report on DDoS attacks from the past year? Download the 2016 DDoS Attack Trends report, authored by David Holmes.
#12 – The month of February was dedicated to security on DevCentral. As the team produced a full month’s worth of content focusing on BIG-IP Advanced Firewall Manager (AFM), Application Security Manager (ASM), and Silverline WAF and DDoS Protection, and more.
#13 – With the increased focus on encryption in 2016 (i.e. “SSL Everywhere”), visibility into SSL/TLS traffic became a major concern (watch David Holmes’ “SSL Outbound Visibility” Lightboard Lesson as reference). No longer is SSL traffic reserved for financial institutions, it’s becoming the new norm. Our team in Singapore bought attention to this in an F5 Newsroom feature: Visibility and control over SSL traffic in an era of HTTP/2.0
#14 – In July, F5 Labs produced a major threat analysis report (prior to the wave of attacks in the latter half of the year) entitled, “DDoS’s Newest Minions: IoT Devices.”
#15 – Are you aware that Dridex (a strain of financial malware) is watching you? Luckily, F5 researchers were watching Dridex and published a thorough report to the F5 Newsroom back in June on how Dridex can infect a user's machine without their knowledge.
#16 – Lastly, with a glimpse of what the future may hold, Lori MacVittie warned us in March of the impending of attacks to come – potentially even from an Internet-connected teddy bear – in her Newsroom blog, “IoT Security: Don’t ignore the basics.”
___
Be safe, happy holidays, and here’s to a secure 2017!