Exclusive: DDoS attacks like Dyn, GitHub are rare but enterprises must deploy automatic DDoS protection, says Sean Newman, Corero Network Security

Attacks on the scale of Dyn and GitHub are rare – however, much smaller, more calculated attacks are experienced by thousands of enterprises on a daily basis and these can have just as significant an impact for the target, says Sean Newman, Corero Network Security.

One of the world’s leading software development platforms recently faced possibly the biggest ever reported distributed denial-of-service (DDoS) attack. The attackers were able to exploit the vulnerability in the memcached servers. Memcached servers are used by database-driven websites such as Facebook, Twitter and Reddit to boost their platform performance. But according to reports, as of July 2017, of the 106,001 servers that used memcached, over 69% were found vulnerable and could be susceptible to a remote hack. In the case of GitHub, the DDoS attack was thwarted within 10 minutes, thanks to the proactiveness of its content delivery network services provider, but that may not be the case for a large number of organisations.

So, to understand the impact and how organisations can mitigate the risk of DDoS attacks, TechObserver.in’s Sanjay Singh conducted an email interview with Sean Newman, director at Corero Network Security. According to him, attacks on the scale of Dyn and GitHub are rare – however, much smaller, more calculated attacks are experienced by thousands of enterprises on a daily basis and these can have just as significant an impact for the target. “If an enterprise cares about its online services, the best action is to deploy dedicated, always-on, automatic DDoS protection and avoid the need to recover at all,” said Sean.

What is the most optimal way of ensuring resiliency of the Internet in the light of DDoS attacks?

DDoS typically floods the target’s IP address space directly, with its attack traffic, sometimes sending large volumes to “fill the pipe” but, more often, just sending enough volume of traffic to cripple a specific server, service, application or infrastructure device – the only way to ensure online resiliency is to invest in the latest dedicated DDoS protection solutions, which can protect the entire network infrastructure, delivering always-on automatic protection, with the ability to surgically remove bad DDoS packets and leave the good packets to carry on to their destination. Other cloud-based solutions are available but these typically take in the order of ten minutes, to an hour, to fully engage mitigation, leaving the target fully impacted by the attack in the intervening period.

Can masking DNS or having a secondary DNS be the ultimate safeguard against DDoS attacks?

Implementing best practices and investing in a secondary service can help with DNS resilience but, ultimately, this will not reduce the chances of getting impacted by DDoS attacks.  The main reason being that DDoS typically floods the target’s IP address space directly with its attack traffic, bypassing DNS altogether.

What are the key security measures that you see can thwart DDoS attacks?

The only way to avoid DDoS attacks having any impact is to deploy dedicated, always-on, automatic DDoS protection and choose a solution which has the ability to surgically remove bad DDoS packets and leave the good packets to carry on to their destination.

What has been the biggest security challenge for the CIOs in recent times?

The biggest challenge of recent times has been avoiding intellectual property and/or customer details being stolen, en masse, from across the Internet, using carefully planned, advanced, targeted attacks.  And, DDoS has been seen to be used as part of these attacks, creating smokescreen distractions, or making security infrastructure ineffective or blind to the real motive for the attack.

If an enterprise has been hit by a DDoS attack, what is the best they should do to bring the services back?

Attacks on the scale of Dyn and GitHub are rare – however, much smaller, more calculated attacks are experienced by thousands of enterprises on a daily basis and these can have just as significant an impact for the target.

If an enterprise cares about its online services, the best action is to deploy dedicated, always-on, automatic DDoS protection and avoid the need to recover at all.  Without any dedicated DDoS protection in place, they will either have to ride out the attack, hoping it doesn’t last too long, or work with their service provider to block all traffic to the impacted IP address(es) for the duration, so they can begin recovering their services sooner – either way, those services will be offline for their customers for the duration of the attack, which will likely prove extremely costly for lost revenue, reduced customer confidence, and overall reputation damage.
