ISP and hosting companies have joined the gaming and gambling sector to be the biggest victims of cyber crime in 2014, a trend that will likely continue in 2015. That’s according to Radware, the leading provider of application delivery and application security solutions for virtual and cloud data centres. The findings are from its fourth annual ‘Global application and security report’, which surveys 330 companies globally*, on cyber attacks on networks and applications and act as a strong warning to the betting industry to ensure they do not become a cyber-domino as a result of the security failings of their suppliers.

Ring of Fire: As part of the report, Radware publishes a ‘Ring of Fire’, which tracks cyber attacks and predicts the likelihood of attack on major industries. In the last 12 months, ISPs have moved up the risk rankings to become some of the most exposed companies, joining the gambling sector and government at the centre of the ‘Ring of Fire’. Hosting companies have jumped from ‘low risk’ on the outside of the ring to just outside the ‘high risk’ centre. (Figure 1)

Adrian Crawley, UK & Ireland regional director for Radware, says: “It’s the perfect storm to find gaming and ISPs in the centre of the ring of fire. If the online gaming industry continues to grow 15% year on year*, then so will dependency on ISPs. The risk of becoming a cyber-domino will only heighten if steps aren’t taken to protect network infrastructure and applications from attack.”

Figure 1. Radware Global Application and Security Report, Ring of Fire

He continues: “The good news is that we know from conversations with CIOs of ISPs and hosting providers that they understand the risks and want to put in place robust solutions. Many of them agree that this is a three step process comprising hybrid solutions that protect them from the very complex and sustained attacks on application networks, collaboration with suppliers and customers, and using expertise from the security industry.” 

The report also shows that 19% of companies admit they are under constant cyber attack, three times as many as last year, yet 52% reveal they can effectively fight an around-the-clock campaign for only a day or less. The pressure this puts companies under has prompted boardrooms to take the threat of attacks more seriously. Three quarters of respondents said it is now a hot topic in the boardroom as reputation and revenue implications are better understood.

Carl Herberger, vice president of security solutions at Radware: “When interviewed, IT and network directors suggested that the shift in boardroom attitudes is not only helping them to raise the issues related to managing existing infrastructure but also the implications of embracing new trends such as bring your own device, the move to the cloud, and the Internet of Things (IoT).”

Carl continues: “The Internet of Things will be one of the greatest challenges for CIOs in the coming five years because of the prevalence of reflective attacks, where hackers use legitimate routes into the network to hide their identity and mask activity. For example, imagine a casino with internet connected tables and automatic dealers managing players both online and at the table. Huge damage could be done if algorithms are hacked to rig games and jackpot values.

“CIOs will be challenged in ways they never expected, as they grapple to identify which future thinking initiatives can be taken to market and as a result, where their responsibility for technology starts and ends, and how best to protect their infrastructure and consumers. Many are already recognising that success will rest in combining skills with technology.”

In support of this finding, more than half (52%) reported changing security processes, protocols and/or mandates, and almost half (48%) of companies will employ hybrid protection of on-premise and cloud solutions that fight back on multiple levels.

The report has also revealed that the drivers for attacks are not clear. 70% of brands generally have no idea of the motive of the attack, though 15% say they have experienced ransom attacks, and 35% a politically motivated one, reflecting the growing enthusiasm to exploit geo-political events in the world – the conflict in the Ukraine being a notable example this year.