Tackling the DDoS Threat in the Complex Digital Landscape

With more devices being added to the internet of things every day, more vulnerabilities appear to entertain cybercriminals.

Maria_Sirbu_Linkedin.png

Maria Sirbu works in Business Development at Voxility.

In the time it takes you to read this sentence, there is a vast amount of data being created across hundreds of networks all over the world. Businesses need to constantly innovate, increase productivity and mitigate risks wherever possible. As more and more organizations are now increasingly dependent on internet-enabled technology, it is critical to constantly monitor all potential threats that may jeopardize “service availability”.

DDoS attacks continue to be one of the most discussed cybersecurity issues within the industry. Most enterprises are equipped with various tools to tackle a distributed denial of service (DDoS) attack but the threat is evolving and has the power to do more damage than ever due to the introduction of new technologies. With more devices being added to the internet of things every day, more vulnerabilities appear to entertain cybercriminals.

DDoS attacks grow in number and sophistication year-over-year. Among other players in the DDoS landscape like Akamai, Netscout and Corero, Voxility  has also reported an increase in DDoS attacks in 2018 across its network. CDN, streaming, hosting and cloud providers are top of the list as companies seeing an increase in DDoS incidents. Industry peers research points to be a continuous growth of up to 13-16 percent from 2017 to 2018.

The digital world evolves at a pace that essentially requires an effective way to operate against cybersecurity threats combining both hardware and cloud solutions. Attackers have improved sophistication and frequency of attempts, exploiting faster internet speeds and the adoption of new data technologies.

Accenture’s "Reinventing the Internet to Secure the Digital Economy" report found that a high number of organizations are adopting new and emerging technologies faster than they can address related security issues. This is inherently problematic as such devices bear the most risk.

How this Affects the Industry

Attacks are more meaningful than just enterprise data loss, they also hinder the rate of adoption of next-generation technologies. Businesses must take time to carefully consider the impact of individual breaches and help mitigate risk - for not only themselves but the wider industry.

Massive DDoS attacks can cause inoperability of the entire infrastructure, service outage and can lead to considerable financial losses.

Concerns have been echoed in other researchers as well. A survey by Ping Identity revealed that security worries restrict the adoption of cloud services, with respondents identifying security as the biggest barrier to cloud adoption (43 percent) and Software-as-a-Service (37 percent).

As businesses explore new technologies, be it virtualization or blockchain, processes to deter cyberattacks must not just be initiated, but perfected and ingrained within infrastructure.

While general awareness within security has increased, internet networks must do more to continuously assess their situation and ensure they are impenetrable. Deploying multiple security strategies simultaneously will ensure that extra layer of security.

There is much to be learned in the aftermath of historical attacks. Using network behavior anomaly detection (NBAD) and machine learning can detect and block previously unseen attacks, while faster mitigation can significantly reduce the risk of a critical attack.

Pulse wave attacks highlight the importance of instant response. This tactic results in large spikes to the target that lasts just minutes. A traditional scrubbing center comes in handy with its high bandwidth availability to “absorb” the attack.

Protect Your Data to Protect Others

Today, DDoS attacks are relatively easy to launch. Thankfully, DDoS mitigation technologies and techniques are constantly improved to meet an unprecedented threat, but things may look somehow different if protection against DDoS attacks starts by protecting your own data first.

Protect against vulnerabilities by ensuring ‘security-by-design’ and embed protective measures into architecture. Start with what sort of processing your data center is going to be undertaking, whether it be on premises or in the cloud, then identify key assets and resources that need to be secure and introduce a system designed explicitly to protect these resources.

Additional features and security policies should be monitored and continuously improved, audited with a specific frequency. This includes ensuring protocols provide authentic routing information, which reduces domain name hacking, creates accountable and transparent algorithms, to simply locking server rooms and ensuring you have a reliable monitoring strategy.

Encryption, multi-factor authentication and standard technologies such as firewalls, IDS, IPS are key security controls for both public networks and on-premises data storage, while multi-factor authentication, encryption, single sign-on, and biometrics authentication are the most effective controls to protect such data.

Hype, confusion, and unknowingness can affect the implementation of new cybersecurity tools. Professionals often prefer to exhaust existing methods before trying something new but such methods do not provide the level of security needed for new technologies introduced through digital transformation.

New technologies can add real value in both business and security, but one cannot without the other. There is work to be done in preparing employees and engineers for the introduction of AI and machine learning, but extra training can help. Training should be continuous and reflective of previous cyber threats. There are no short-cuts here but this should not deter businesses from exploring new ideas and innovation.

Opinions expressed in the article above do not necessarily reflect the opinions of Data Center Knowledge and Informa.

Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish