Friday, 27 January, 2023
IT Security Guru

Deflecting DDoS – Key Tactics in the Battle Against IoT-Powered Attacks

by The Gurus
October 3, 2018
in This Week's Gurus

By Ronald Sens, EMEA Director, A10 Networks 

What makes a DDoS successful? I asked myself that question at the end of August when the central bank of Spain, Banco de España, was hit by a DDoS attack that took its website temporarily offline. The bank issued a statement acknowledging the attack and stating that “no damage” had been done and its operations, as a central bank with no commercial arm, were not affected, implying that the attack was not successful. Meanwhile, the hacktivist group, Anonymous Catalonia, claimed responsibility and widely shared evidence that it had brought the bank’s web servers down worldwide.

For Anonymous Catalonia, this was a success. As part of their wider #OpCatalonia political campaign that targeted Spanish government internet properties, the attack demonstrated the group’s ability to disrupt central government banking infrastructure and highlighted existing vulnerabilities. Therefore, I’d argue that the reputation of the Banco de España saw undeniably damaging effects. Once the impact of a DDoS attack becomes tangible through slow or non-responsive websites and services, it’s much more than revenues, business continuity and sensitive data that are under threat – reputations suffer, too. That is the true measure of whether or not a DDoS attack has succeeded, or rather that our defences have failed.

DDoS attacks continue to constitute a major threat to organisations. The latest figures show that attacks are growing in frequency, peak volume and complexity. The increasing prevalence of DDoS-as-a-service means that it has never been easier for cybercriminals – whether politically or financially motivated – to orchestrate attacks. Recent reports have put the cost of purchasing a DDoS attack as low as ten dollars per hour. Amplifying this issue is the growing army of unsecured IoT devices that continue to swell the ranks of DDoS botnets, regularly boosting the potential size of attacks into 11 Gbps+ territory.

Effectively, protecting against DDoS attacks is now part of the cost of doing business. The question is, faced with this intensive onslaught, what can organisations do to shift the balance in their favour and deflect attacks before they start to damage systems, revenues and reputations? The answer lies in preparation, escalation and scalability.

Preparation – Knowledge is Power

Threat intelligence is a critical weapon in the cybersecurity environment. The cybercriminal community is already sharing tools, tactics and procedures in a bid to breach defences, so it’s only logical that defenders should do the same to gain a strategic advantage and stay a step ahead of attackers.

Take the Banco de España situation as an example: Anonymous Catalonia had announced its intention to target government websites earlier in the month and, while Banco de España was not on the published list, its security professionals should have been alert to the possibility of an attack.

In preparation for a potential attack, they could use threat intelligence gleaned by researchers who monitor the millions of compromised IoT bots that can be brought into play in a DDoS attack. This intelligence allows defenders to blacklist servers that are known to be vulnerable to reflected amplification, block infected internet bots’ IP addresses and use large lists of millions of known IoT devices to create custom traffic allocation that blocks malicious devices while allowing trusted traffic through.
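One way to turn the three kinds of list described above into a per-flow decision, as an added example that is not part of the original article. The feed contents use documentation address ranges, and the class, function and reason names, the port set and the rule that the trusted list wins over a feed entry are all assumptions made for illustration.

```python
import ipaddress

# Constructed sample feeds (documentation ranges, not real indicators).
TRUSTED = ["198.51.100.0/28"]            # partners that must stay reachable
BOT_SOURCES = ["203.0.113.0/25", "203.0.113.128/25", "198.51.100.7/32"]
REFLECTORS = ["192.0.2.53/32", "192.0.2.123/32"]
# UDP services commonly abused for reflection: DNS, NTP, SSDP, memcached.
AMPLIFICATION_PORTS = {53, 123, 1900, 11211}


def load(entries):
    """Parse feed entries and merge adjacent or overlapping prefixes."""
    nets = (ipaddress.ip_network(e, strict=False) for e in entries)
    return list(ipaddress.collapse_addresses(nets))


def in_any(addr, nets):
    return any(addr in n for n in nets)


class Policy:
    """Assumed precedence: trusted list first, then bot list, then reflectors."""

    def __init__(self, trusted, bots, reflectors):
        self.trusted = load(trusted)
        self.bots = load(bots)
        self.reflectors = load(reflectors)

    def decide(self, src_ip, proto, src_port):
        """Return (action, reason) for one inbound flow."""
        addr = ipaddress.ip_address(src_ip)
        if in_any(addr, self.trusted):
            # A stale or wrong feed entry must not cut off a trusted partner.
            return ("allow", "trusted")
        if in_any(addr, self.bots):
            return ("drop", "known-bot")
        # Reflected floods arrive FROM the abused service port over UDP.
        if (proto == "udp" and src_port in AMPLIFICATION_PORTS
                and in_any(addr, self.reflectors)):
            return ("drop", "reflector-response")
        return ("allow", "default")


if __name__ == "__main__":
    policy = Policy(TRUSTED, BOT_SOURCES, REFLECTORS)
    for flow in [("203.0.113.200", "tcp", 44321), ("198.51.100.7", "tcp", 443),
                 ("192.0.2.53", "udp", 53), ("192.0.2.200", "udp", 53)]:
        print(flow, policy.decide(*flow))
```

Merging prefixes before matching keeps the rule set small when feeds contain millions of entries, which matters once the list is pushed to a device with a finite table size.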

Escalation – Be Ready to Respond with Back-up if Necessary

Verisign’s recent DDoS threat report found that 32% of attacks comprised four or more attack types. Mitigating sophisticated multi-vector attacks requires a defence strategy that can cope with volumetric or network-protocol and application-layer incursions simultaneously. Here attackers are going after multiple potential points of vulnerability in a bid to force defenders to keep multiple plates spinning while the damage is done.

As well as putting in heavy-duty hardware to automate detection and response, you can be prepared to escalate your defences in the case of complex attacks by having a dedicated DDoS Security Incident Response Team on call. The team comprises experienced, certified security experts who are well-versed in defending networks against attacks. This can give you the edge in a battle situation and keep your business in operation.

Scalability – Mitigating Volumetric DDoS

I mentioned that DDoS protection is now an accepted cost of doing business, but of course that doesn’t mean that budgets are limitless – far from it! The most cost-effective option is to handle DDoS protection on-premises, as this works well for “slow and low” attacks, but when a major volumetric attack is in progress you need a defence that is scalable and will stand up to everything that is thrown at it. This is where the cloud comes into play as part of a hybrid defence. Once attack volumes threaten to overwhelm the capacity of your internet pipe and on-premises DDoS protection, you divert traffic to the cloud where it is scrubbed, allowing only legitimate traffic through. This has economic benefits as the cloud is only used when on-premises systems cannot cope, and you are only charged for the traffic that is protected, not all of the traffic that your attackers are generating.
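The hybrid model described above needs a rule for when to swing traffic to the cloud and when to bring it back; the sketch below is an added example, not code from the article or from any vendor. The thresholds, sample counts, link capacity and traffic samples are all assumed values, and it further assumes the cloud provider reports pre-scrub inbound volume while traffic is diverted.

```python
class DiversionController:
    """Decide when to move from on-premises mitigation to cloud scrubbing.

    Diverts after a few consecutive samples near link capacity and returns
    only after a longer quiet run, so a pulsing attack cannot flap the route.
    """

    def __init__(self, capacity_mbps, divert_at=0.8, restore_at=0.4,
                 divert_after=2, restore_after=5):
        if not 0 < restore_at < divert_at <= 1:
            raise ValueError("need 0 < restore_at < divert_at <= 1")
        self.capacity = capacity_mbps
        self.divert_at, self.restore_at = divert_at, restore_at
        self.divert_after, self.restore_after = divert_after, restore_after
        self.state = "on-prem"
        self.streak = 0              # consecutive samples past the threshold
        self.diverted_samples = 0    # samples that arrived while diverted

    def observe(self, inbound_mbps):
        """Feed one traffic sample; return 'on-prem' or 'cloud'."""
        util = inbound_mbps / self.capacity
        if self.state == "on-prem":
            self.streak = self.streak + 1 if util >= self.divert_at else 0
            if self.streak >= self.divert_after:
                self.state, self.streak = "cloud", 0
        else:
            self.diverted_samples += 1
            self.streak = self.streak + 1 if util <= self.restore_at else 0
            if self.streak >= self.restore_after:
                self.state, self.streak = "on-prem", 0
        return self.state


def replay(samples, **kwargs):
    """Run a series of samples; return (states, samples spent diverted)."""
    ctl = DiversionController(**kwargs)
    return [ctl.observe(s) for s in samples], ctl.diverted_samples


# Constructed inbound volume in Mbps on an assumed 1000 Mbps link.
SAMPLES = [300, 850, 400, 900, 950, 1200, 700, 350, 300, 500,
           300, 200, 250, 300, 350]

if __name__ == "__main__":
    states, diverted = replay(SAMPLES, capacity_mbps=1000)
    for mbps, state in zip(SAMPLES, states):
        print(f"{mbps:>5} Mbps -> {state}")
    print("samples spent diverted:", diverted)
```

The diverted-sample count is the figure that maps onto the usage-based charging the paragraph mentions, since only those intervals pass through the scrubbing service.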

There’s no doubt that we will continue to experience DDoS attacks for the foreseeable future, but I hope that we’ll see fewer of them succeeding. By preparing, escalating and scaling defences we put ourselves in a stronger position to keep businesses operational no matter what is aimed at them.


© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic
