Preventing DDoS armageddon

Davey Winder ponders how large a DDoS attack would have to be to take down multiple providers, and asks what businesses can do to protect themselves.

Darien Kindlund, senior staff scientist at security vendor FireEye, backs the view that the frequency and severity of DDoS attacks is likely to increase in future, but so are other types of attacks, too.

"Orchestrating a massive DDoS attack against one or more targets certainly requires a lot more planning and resources than launching a spear-phishing campaign against that same firm. Both can disrupt the victim, but one is substantially cheaper and easier to execute," said Kindlund.

DDoS attack mitigation

IT Pro asked Rico Valdez, senior security researcher at endpoint security firm Bit9 for some advice on how to evade DDoS Armageddon.

"There are a few ways to deal with a DDoS attack that exceed the limit of an organisation's internet bandwidth," he said.

"The first is to work with your provider and understand what they can do for you in such a situation. Some providers provide DDoS mitigation services that will help in these cases."

Another option is to provision "fatter pipes" with DDoS mitigation systems that can handle large volumes of traffic, advised Valdez.

"In an attack, traffic could be directed down the fatter pipe and through the mitigation device. This might be cost effective for some organisations, as the large pipe would only be used in the event of an attack," he said.

Lastly, companies should also consider geographically distributing their web servers so the attack volume is distributed to various front ends.

"This might be accomplished with any cast routing or other mechanisms. This has an added benefit of improving performance for your customers, as they will be directed to the site closest to them," Valdez concluded.

"As such, while DDOS protection is ideal, firms need to consider the likelihood of these attacks compared to the increasing frequency of other, easier attacks to execute.

"Based on that risk analysis, informed organisations can make the decision about whether or not to invest in localised DDoS protections, outsource their DDoS protections to a third-party or to forgo the investment altogether," he added.

However, Marty Meyer, CEO of Corero Network Security, claims companies that try to protect themselves from Armageddon-style DDoS attacks could be fighting a losing battle.

"There are certainly some key things that an organisation can do to increase their chances of remaining protected, but with the sophistication of these attacks growing so much, many will struggle whilst using their current security infrastructure.

"Traditionally, organisations have relied on firewalls to protect against DDoS attacks, but in reality a firewall can only do so much to protect against these increasingly sophisticated attacks, whether they are relatively simple flood attacks from botnets, or the far more advanced Application-Layer attacks."

As a result, he said companies need to start thinking about a new first line of defence that can stop DDoS attacks, protect the firewall, and allow it to continue to block unwanted connections.

"It is an interesting and worrying time when you take DDoS in to consideration, and we are no doubt going to see these attacks continue to grow in power and sophistication," he added.

Featured Resources

Choosing a collaboration platform

Eight questions every IT leader should ask

Download now

Performance benchmark: PostgreSQL/ MongoDB

Helping developers choose a database

Download now

Customer service vs. customer experience

Three-step guide to modern customer experience

Download now

Taking a proactive approach to cyber security

A complete guide to penetration testing

Download now

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Roadmap 2021: What’s coming from 3CX
Advertisement Feature

Roadmap 2021: What’s coming from 3CX

30 Mar 2021