Craig Lusher from our Secure team provides a comprehensive analysis of the latest Distributed Denial of Service (DDoS) statistics from the fourth quarter of the year and their implications for cybersecurity trends.
The fourth quarter of 2024 marked a significant shift in DDoS attack patterns, with 138 recorded incidents. This represents a substantial increase from 3Q’s 37 attacks, though remaining well below historical peaks like 2Q 2023’s 1,106 attacks. October emerged as the most active month, aligning with historical patterns of increased 4Q activity.
This is a trend not just at Continent 8. In fact, 4Q also happened to see the largest DDoS attack ever recorded, with Cloudflare mitigating a 5.6 (Terabits per second) Tbps Mirai-variant botnet attack on one of their customers on October 29.
4Q 2024 demonstrated interesting patterns in attack intensity:
This quarter’s largest attack of 13.4 Gbps represents a decrease from 3Q 2024’s peak of 37.0 Gbps. For perspective, this is dramatically lower than 4Q 2023’s peak of 412.9 Gbps, indicating a significant shift in attack methodologies.
Key statistics for 4Q 2024:
Key statistics for 4Q 2024:
Comparing 4Q 2024 with recent quarters reveals several interesting trends:
This shows a significant escalation in attack frequency during 4Q.
While attack frequency increased, intensity continued to decrease throughout the year.
The decrease in affected customers coupled with the dramatic increase in attacks per customer suggests a shift toward more targeted campaigns.
Comparing 4Q 2024 to 4Q 2023 shows significant changes in the threat landscape:
The higher volume but lower intensity of attacks suggests a fundamental shift in attacker strategies, focusing on persistent, lower-threshold campaigns rather than high-impact events.
The concentration of attacks on fewer customers, with more attacks per target, indicates a move toward more sophisticated, focused operations.
The shorter average attack duration (17.6 minutes) combined with increased frequency suggests a tactical shift toward ‘pulse’ style attacks rather than sustained campaigns.
While individual attack intensities have decreased significantly year-over-year, the dramatic increase in frequency and focus on specific targets suggests an evolution in threat actors’ strategies. The pattern of increased 4Q activity appears to be holding true, though manifesting differently than in previous years.
Organisations should prepare for:
Our best-in-class DDoS solution continues to evolve and in recent months we have amplified our scrubbing capacity to 5+ Tbps, as well as increased our scrubbing centres geographically deployed across multiple continents. Locations include Los Angeles, Chicago, New York, Miami, London, Amsterdam, Frankfurt, Singapore, Hong Kong and Sao Paulo.
Key features of our mitigation solution:
DDoS protection should also form part of a wider, multi-layered approach to cybersecurity. A 360-degree, end-to-end protection strategy should include DDoS mitigation solution as well as WAF/WAAP protection, MDR/EDR services, SIEM and SOC resources, VAPT assessments, backup solutions, and mobile device, phishing defence and MFA services.
This is the only way to have multiple protections in place for each attack type and to ensure the greatest level of resilience.
To learn more about how Continent 8 can help protect your organisation, contact a member of the team via sales@continent8.com or our Contact Us form.
Jerad Swimmer, Regional Sales Director at Continent 8 Technologies, explores the benefits of Vulnerability Assessment and Penetration Testing (VAPT).
Tribal casinos are experiencing substantial financial growth. As highlighted in my previous blog, 2023 was a landmark year for the tribal gaming sector, with revenues hitting a record $41.9 billion USD, as reported by the National Indian Gaming Commission. Consequently, tribal casinos are increasingly targeted by cybercriminals, with reports suggesting a nearly 60% increase in cyber attacks on tribes in 2023.
With significant financial and personal data at stake, cybersecurity in tribal gaming and casino environments is a critical priority. But where should you start? In this blog, I’ll explain why Vulnerability Assessment and Penetration Testing (VAPT) is the perfect first step to bolster tribal gaming cybersecurity.
Let’s begin by defining VAPT. Craig Lusher, our Product Principal of Secure Solutions, describes VAPT as the following:
“VAPT is defined as a comprehensive set of cybersecurity services that helps organizations identify, assess and mitigate vulnerabilities in their IT infrastructure, applications and networks. Periodic Vulnerability Assessments (VAs) scan to detect exploitable vulnerabilities in customer networks and infrastructure and record them in a register, prioritizing remedial work and demonstrating continuous improvement. Penetration Tests (PTs) use identified vulnerabilities to further exploit and gain access, testing the efficacy of preventative security measures, procedures and technology.”
By simulating real-world cyber attacks, pentesting enables tribal casino IT and cybersecurity teams to identify system weaknesses and address potential vulnerabilities before they can be exploited by malicious actors. This strategy not only strengthens the casino environment but also ensures that cybersecurity measures remain robust and adaptable to evolving threats.
VAPT aims to establish what we at Continent 8 call a “hardened cybersecurity posture.”
A hardened cybersecurity posture integrates multiple protective layers, adhering to best practices for adaptability to threats and changes. It begins with technical controls such as network segmentation, access management and encryption, complemented by active defenses including web application and API protection, intrusion detection and cybersecurity monitoring. This approach is guided by policies and procedures for incident response and risk management.
The core components of a hardened cybersecurity posture create a robust defense system. Technical controls prevent attacks, while monitoring systems identify threats. Regular assessments are conducted to uncover vulnerabilities and governance ensures consistent implementation. This comprehensive approach ensures that even if one safeguard fails, multiple other layers remain to protect assets.
Implementing VAPT protocols is a beneficial practice for any tribal gaming organization. These measures not only bolster cybersecurity but also streamline internal and external audits.
By maintaining detailed records of testing and remediation efforts, casinos can demonstrate their commitment to cybersecurity to auditors. This transparency not only aids in passing audits but also enhances the casino’s reputation as a reliable and secure establishment.
Regular penetration testing provides tribal casinos with ongoing monitoring and enhancement of cybersecurity protocols, helping them stay ahead of potential cyber threats. This ensures a safer and more secure environment for both operations and players, while also building trust with internal and external parties and stakeholders. This proactive approach, again, is vital in preserving the casino’s integrity and reputation.
When choosing penetration testing tools for tribal casino and gaming cybersecurity, select tools that offer comprehensive coverage, capable of evaluating a wide range of vulnerabilities across multiple systems and applications.
A comprehensive VAPT service should encompass the following:
For more information on VAPT or to book a meeting with me at TribalHub Cybersecurity Summit or the Indian Game Tradeshow (Booth 18), contact me at jerad.swimmer@continent8.com.
Continent 8 provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your tribal organization’s digital assets in the face of evolving cyber threats. For more information on how Continent 8 can support your cybersecurity initiatives, email sales@continent.com or fill out our Contact Us page.
Also, be sure to watch the latest episode in our Tribal Talks: Cybersecurity Unlocked podcast series – also available on Spotify – to gain a deeper understanding of the technological advancements, cybersecurity challenges and best practices shaping tribal gaming landscape.
With the rapid evolution of technology, robust cybersecurity is vital for enterprises to protect sensitive information and systems from a range of cyber threats, including hacking, data breaches and malware attacks. As technology advances, so do the methods used by cyber criminals, necessitating the implementation of protective cybersecurity measures.
In this blog, Craig Lusher, Product Principal of Secure Solutions at Continent 8 Technologies, explores how Security Information and Event Management (SIEM) platforms and Security Operations Centres (SOCs) allow organisations to adapt to emerging threats, maintain a robust cybersecurity posture and meet regulatory compliance.
SIEM solutions consolidate security monitoring across an organisation’s diverse technology stack, enabling SOC engineers to detect and respond to threats through a unified management interface. SIEM solutions serve as the central hub of an organisation’s security system, collecting and normalising security logs and events from various IT sources including network devices, servers and security systems. They provide a central register for all security events and logs, performing event correlation, threat enrichment and analysis, filtering out informational events and promoting true security events and threats, helping organisations protect their systems from attacks and breaches.
A SOC, or Managed Security Operations Centre (MSOC), such as those offered by Continent 8 and C8 Secure, is a dedicated team that focuses on safeguarding the company’s systems from security threats. Utilising various tools, such as a SIEM system, they watch over the company’s computer systems, spot any problems or attacks and respond to them quickly. The SOC functions as a cybersecurity team, ensuring everything is running smoothly and securely.
SIEM systems are integral in SOC cybersecurity, offering SOC teams with a holistic view of their cybersecurity events.
To begin, the SIEM system correlates and analyses the aggregated security data from internal sources and external threat intelligence to identify any unusual or suspicious activities that could indicate a potential security issue. Upon detection, it promptly alerts the SOC team, enabling them to address the issue swiftly.
In the event of an incident, the SIEM system provides comprehensive information that assists SOC analysts in understanding the nature and severity of the threat. This insight aids in effective response and helps prevent future occurrences.
Additionally, SIEM systems support compliance efforts by generating reports and maintaining logs that demonstrate the organisation’s adherence to necessary regulations. These systems are indispensable for managing security incidents and events, facilitating efficient monitoring, detection and management of security challenges by SOC teams.
Operating a SOC without a SIEM system would be quite challenging. A SIEM system provides the centralised tool required to gather and interpret security data, which is crucial for effectively preventing, detecting, investigating and responding to threats. While a SOC might use other tools and methods, SIEM systems are integral for streamlining these processes and ensuring comprehensive cybersecurity management. SIEM systems employ advanced analytics and automation to filter and prioritise security alerts, preventing the cognitive overload, or alert fatigue, that occurs when SOC engineers manually process a constant barrage of security logs. This intelligent filtering not only reduces the risk of human error and missed security events but also optimises operational costs by allowing SOC engineers to focus their expertise on critical threat analysis and incident response rather than routine log review. The result is more efficient resource allocation and enhanced security effectiveness.
A successful SIEM and SOC strategy begins with defining clear objectives and goals for each system. Essential components of effective SIEM and SOC strategies include:
Continent 8 offers a comprehensive SIEM and Managed SOC solution that addresses critical cybersecurity challenges. This platform provides centralised visibility of your entire infrastructure, coupled with 24/7 expert monitoring and rapid threat detection and response, ensuring regulatory compliance while allowing maintaining a robust cybersecurity posture.
Our SIEM and MSOC solution consists of the following key service components:
Continent 8’s SIEM platform is a comprehensive, multi-tenant solution that gathers and correlates security data across a customer’s infrastructure. Enhanced by AI-driven SOAR and correlation capabilities with integrated threat intelligence tools, it delivers advanced analytics and automated incident response workflows. The platform is built for high performance, scalability and real-time threat detection, ensuring rapid identification and resolution of security incidents.
Continent 8’s MSOC solution is a fully managed, multi-tenant service offering real-time security monitoring and incident response for customers. Following the NIST framework, it leverages our sophisticated SIEM platform to collect and analyse security alerts, offering customers actionable insights and remediation strategies through tailored playbooks. By outsourcing security operations to Managed Security Service Providers (MSSPs) such as Continent 8, customers can focus on their core business while benefiting from the expertise of Continent 8’s 24/7/365 global SOC team.
Continent 8’s Sentinel managed device is deployed within the customer’s network, aggregating logs and events from various systems, normalising them and preparing the data for secure transmission to the SIEM. It utilises encryption to ensure data integrity and privacy, compressing and deduplicating data to optimise performance. Sentinel enhances security visibility by enabling seamless data collection and forwarding.
Continent 8’s Incident Response System integrates directly into Continent 8’s SIEM to streamline incident response processes. It provides a centralised platform for managing and tracking security incidents from detection to resolution, with built-in automation for workflows and playbooks. By enabling collaborative responses and providing real-time data sharing, it significantly improves incident resolution times while enhancing post-incident analysis and reporting.
Continent 8’s Cyber Threat Intelligence Service serves as a structured repository for aggregating, analysing and sharing cyber threat intelligence. It allows organisations to collect data on threats, actors and campaigns, helping security teams anticipate and mitigate potential attacks. Through its powerful visualisation tools, the service enhances situational awareness and enables proactive threat detection.
Continent 8’s Security Orchestration and Automated Response (SOAR) tool, implemented within Continent 8’s SIEM, provides a no-code automation platform for orchestrating and automating security workflows. Its drag-and-drop interface simplifies the creation of complex incident response processes, reducing manual effort and improving efficiency. With pre-built templates and over 2,000 app integrations, it enables quick deployment of automated responses, ensuring consistent handling of security incidents.
Continent 8’s Threat Analysers and Responders are automation tools integrated into Continent 8’s SIEM that enrich security events with threat intelligence from multiple sources. With over 100 analysers, they provide critical context for observables such as IPs and URLs, supporting faster decision-making during investigations. These tools enhance threat detection and response by simplifying data analysis and improving the quality of incident responses.
Continent 8’s Intrusion Detection System (IDS), combined with our proprietary Continent 8 Sentinel platform, provides advanced network security monitoring, threat detection and response capabilities, delivering unparalleled visibility and security throughout your entire network infrastructure.
SIEM and MSOC services deliver significant cybersecurity enhancements through real-time monitoring, detection and response. This proactive approach aids in the early identification and mitigation of threats by collecting, analysing and correlating data from across a customer’s network with other ongoing security events. Collaborating with MSSPs also guarantees access to a dedicated team of SIEM and MSOC specialists who work closely with your IT team, providing playbooks and optimal risk mitigation strategies to address specific exploits or vulnerabilities, thereby ensuring optimal cybersecurity posture.
Continent 8 provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your organisation’s digital assets in the face of evolving cyber threats. For more information on how Continent 8 can support your cybersecurity initiatives, email sales@continent8.com or fill out our Contact Us page.
The year 2024 marked another remarkable chapter for Continent 8 Technologies. Over the course of the year, we expanded our global network, enhanced our infrastructure and cloud services, forged new cybersecurity partnerships, introduced innovative products, launched our inaugural podcast and much more.
Explore below as we reflect on some of our remarkable accomplishments from 2024.
We continue to expand our data centre locations and points of presence globally, with an unrivalled private network of over 100 locations across four continents. Our carrier-grade network, which includes more than 35 global Internet Edge and Internet Exchange locations and over 5 Tb of IP transit capacity, provides resilient, high-performance and low-latency connectivity, ensuring zero-compromise user experiences. We’re equipped to support the growing regulated iGaming and online sports betting sector, covering more than 30 US states and six LATAM and Caribbean regions, including Brazil, an exciting new regulated market.
As the fastest go-to market supplier and the trusted infrastructure and cybersecurity partner to the industry, we power and protect the world’s leading brands, such as bet365, Apricot (formerly Microgaming), BetMGM, DraftKings, FanDuel, PointsBet, Playtech, Sportingtech and more. We also take pride in being a supporting partner to 90% of the top 10 organisations on the 2024 EGR Power 50 Rankings list and over 95% on the 2024 EGR Power US Rankings list.
We were selected to join the prestigious AWS Solution Provider Program (SPP). Through this AWS partnership, we introduced a suite of managed and professional services designed to simplify hybrid and multi-cloud environments and infrastructures. These new services, available via the AWS Marketplace, include:
This effort is part of our expanding cloud initiative designed to support the varied needs of our customers seeking hyperscale, hybrid, public and private cloud solutions.
To continue to provide the industry with comprehensive 360-degree protection, and meet the increasing market demand as a Managed Security Services Provider (MSSP) via our cybersecurity division, C8 Secure, we collaborated with cybersecurity specialists to enhance our range of cybersecurity services and solutions.
In 2024, we partnered with MIRACL, a passwordless multi-factor authentication (MFA) provider, to deliver a secure, single-step MFA solution, ensuring the most secure and efficient authentication experience possible. Additionally, we teamed up with Corrata, an advanced detection and response provider for mobile endpoints, to fortify mobile devices against modern security threats, ensuring secure access to corporate data.
As cyber threats became the new normal in 2024, it is unsurprising that we observed a record number of customers adopting our managed cybersecurity services. Sportingtech, for example, has implemented our Managed Security Operations Centre (MSOC) and Security Information and Event Management (SIEM) services to ensure continuous 24/7 monitoring, prompt threat prevention and rapid response.
In 2024, we marked a significant corporate milestone by meeting and exceeding 300 employees in December, representing a growth of over 20% from 2023. With specialists now located in 19 countries, including our newly established offices in the Philippines, we are dedicated to growing our team to deliver outstanding service and attention to our customers worldwide.
As industry leaders, we are committed to informing, educating and guiding the iGaming and online sports betting community on all matters related to infrastructure, cloud and cybersecurity. In 2024, as an engaged participant in the community, we participated in over 50 industry events, contributed to or led more than 20 industry panels and received 5 industry awards, along with numerous accolades and recognitions for our customer-centric managed services and solutions.
Our enduring presence in the iGaming industry is largely attributed to the strong partnerships we have cultivated over our 25-plus years of operation. Among these is Playtech, a leading provider of platforms, content and services in the industry. In November, we were pleased to extend our two-decades-long partnership, allowing Playtech to further utilise our range of managed and professional services. This renewal underscores both companies’ shared commitment to advancing and shaping the expanding regulated online gaming market.
Shimon Akad, COO at Playtech, stated, “Continent 8 have been our hosting and connectivity partner since the onset of our journey, 20 years ago. Renewing our agreement is a testament to the joint work and success we’ve built together, and I look forward to continuing our strong collaboration for years to come.”
At the 2024 SBC Summit North America, Michael Tobin, the Founder and CEO of Continent 8, was formally inducted into the Sports Betting Hall of Fame. He was recognised for his relentless dedication over the past 25-plus years, driving innovation and fostering growth in the global gaming industry.
Michael expressed his gratitude, sharing, “It is truly an honour to be recognised by my peers, and it’s also a testament to the hard work and dedication of the entire Continent 8 team.
“I am incredibly proud of all that we have accomplished, the value we have added to the industry and the ways in which we have empowered our customers and partners to achieve success. The iGaming and online sports betting industry is constantly evolving, and I am excited to see how we can continue to embark on this journey to grow the market together.”
Broadcom’s acquisition of VMware had a substantial impact on the HCI market. As a Nutanix Authorised Service Provider, we transitioned numerous iGaming and non-iGaming customers from their VMware ecosystems to Nutanix HCI environments. Our own documented journey from VMware’s Cloud Foundation platform to Nutanix’s Acropolis and Acropolis hypervisor (AHV) demonstrated the benefits of a VMware-to-Nutanix migration, reducing hardware infrastructure, physical footprint and operational costs, all with minimal disruption and downtime.
In response to the growing need for tailored cybersecurity services and insights within the tribal gaming sector, we launched the ‘Tribal Talks: Cybersecurity Unlocked’ podcast series. Hosted by Continent 8’s Jerad Swimmer, this podcast provides a unique forum for tribal leaders and experts to share their experiences, accomplishments and lessons learned. Through insightful discussions, listeners gain a comprehensive understanding of the technological advancements, cybersecurity challenges and best practices influencing the tribal gaming industry.
As 2024 draws to a close, we are excited to kick off the New Year with ICE 2025 (stand 2G20) in Barcelona. At ICE, we will showcase our regulatory and compliance-driven hosting, connectivity, cloud and cybersecurity solutions, with our industry experts on hand to discuss and explore the latest technological advancements, trends and challenges for 2025 and beyond.
If you’re interested in scheduling a meeting with one of our specialists or joining us for a coffee at our Caffein8 bar, please visit our ICE 2025 page.