
DDoS threats – is your business really protected?

29 Jun 18

Targeted cyber-attacks are now, more than ever, a critical concern for all businesses. Threats ranging from ransomware to DDoS attacks have been regularly making headlines. There is, without a doubt, a growing awareness of the sheer volume of these attacks, and they are hitting businesses of all sizes.

Distributed Denial of Service (DDoS)

A DDoS attack aims to render a server, service or infrastructure unavailable by overloading the server's bandwidth or monopolising its resources to the point of depletion.

During a DDoS attack, a multitude of requests are sent simultaneously from multiple points across the internet. The intensity of this "crossfire" renders the service unstable, or even worse, unavailable.

An unavoidable phenomenon

It is now easier than ever to launch a DDoS attack. You no longer need advanced technical skills to disrupt a service or make it unavailable. Attacks are increasingly frequent and intense, but they are also increasingly sophisticated (and constantly evolving). They are designed to create major disruption that not only impacts the bottom line but affects reputation too.

A race against time

The race against time has no finishing line. As the internet’s size and capacity expands, the intensity of the attacks will continue to grow. And their sophistication will grow too.

On the one hand, it is important to consider the mechanisms behind the attacks in order to continuously improve mitigation tactics. On the other, be aware that attackers are trying to understand how protective mechanisms work so they can get around them or find a vulnerability to exploit.

An evolving landscape

Greater reactivity will become standard for an increasing number of users. In the field of the Internet of Things (IoT), for example, detection should lead to an immediate reaction.

Indeed, IoT is quickly going to pose another challenge: how to correctly distinguish a DDoS attack from a massive influx of data from connected sensors, which are multiplying exponentially.

From the ground up

Today’s security teams need to think about implementing solutions before building a robust infrastructure. It is imperative to check protection solutions for automated detection and mitigation of abnormal increases in inbound traffic (i.e. repetition of the same packets in order to destroy the service).

Specifically:

  • Hardware, i.e. your own appliance at the entry point of the network: it can be a feature included in a firewall or a dedicated device such as Arbor equipment. The physical layer will provide better protection for inbound packets.
  • Content Delivery Network (CDN): ensure that your CDN is properly configured in order to protect your infrastructure from the request (attack) reaching the service (website, game, telephony etc.).
  • Cloud Service Provider (CSP): does your CSP have an in-house solution which defines approved sources of content, to maintain your own protection system for a more affordable and stronger solution?
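The detection side of the checks above, and of the IoT question raised earlier (attack versus sensor influx), can be sketched as follows. This is an added example, not from the original article or from any OVH product; the record format, the thresholds and the function names are assumptions chosen for illustration.

```python
from collections import Counter

def make_window(n, payloads):
    """Constructed sample: one second of traffic as (source, payload_digest) records."""
    return [(f"198.51.100.{i % 200 + 1}", f"digest-{i % payloads}") for i in range(n)]

def classify_windows(windows, alpha=0.3, surge_factor=3.0, repeat_threshold=0.8):
    """Label each window 'normal', 'surge-diverse' or 'surge-repetitive'.

    The baseline is a moving average of packets per window. It is updated
    only from non-surge windows, so a sustained flood cannot pull it up.
    All three thresholds are illustrative assumptions, not recommended values.
    """
    baseline = None
    labels = []
    for packets in windows:
        count = len(packets)
        if baseline is None:
            baseline = float(count)          # first window seeds the baseline
            labels.append("normal")
            continue
        if count <= surge_factor * baseline:
            baseline = alpha * count + (1 - alpha) * baseline
            labels.append("normal")
            continue
        # Abnormal increase: how much of it is the same packet repeated?
        top = Counter(digest for _, digest in packets).most_common(1)[0][1]
        repetitive = top / count >= repeat_threshold
        labels.append("surge-repetitive" if repetitive else "surge-diverse")
    return labels

def demo():
    windows = [
        make_window(100, 50),    # ordinary load
        make_window(100, 50),
        make_window(100, 50),
        make_window(500, 400),   # burst of mostly distinct sensor readings
        make_window(500, 1),     # burst of one packet repeated
        make_window(100, 50),    # back to ordinary load
    ]
    return classify_windows(windows)

if __name__ == "__main__":
    for second, label in enumerate(demo()):
        print(second, label)
```

A 'surge-diverse' window still needs review: payload diversity is only one signal, and this sketch does not look at sources, protocols or packet sizes.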

Risk mitigation

To ensure systems are adequately equipped to resist attacks it is imperative to understand DDoS mitigation technologies. Ask questions and do not rest until you have the answers.

What mechanisms do you have in place to protect your infrastructure? Is your cloud provider doing their job? Do you have adequate protective measures in place to mitigate the impact of attacks? Is your DDoS protection capable of resisting not only the attacks of today but the attacks of tomorrow?

It is not a question of whether you need anti-DDoS protection, but when you will suffer your first DDoS attack.

Article by OVH lead network engineer APAC, Florian Valette.
