Exclusive: DDoS attacks like Dyn, GitHub are rare but enterprises must deploy automatic DDoS protection, says Sean Newman, Corero Network Security

Attacks on the scale of Dyn and Github are rare – however, much smaller, more calculated, attacks are experienced by thousands of enterprises on a daily basis and these can have just as a significant impact for the target, says Sean Newman, Corero Network Security.


GitHub, one of the world’s leading software development platforms, recently faced possibly the biggest distributed denial-of-service (DDoS) attack ever reported. The attackers were able to exploit a vulnerability in memcached servers. Memcached servers are used by database-driven websites such as Facebook, Twitter and Reddit to boost their platform performance. But according to reports, as of July 2017, of the 106,001 servers that used memcached, over 69% were found vulnerable and could be susceptible to a remote hack. In the case of GitHub, the DDoS attack was thwarted within 10 minutes, thanks to the proactiveness of the content delivery network services provider, but that may not be the case for a large number of organisations.

So, to understand the impact and how organisations can mitigate the risk of DDoS attacks, TechObserver.in's Sanjay Singh conducted an email interview with Sean Newman, director at Corero Network Security. According to him, attacks on the scale of Dyn and Github are rare – however, much smaller, more calculated, attacks are experienced by thousands of enterprises on a daily basis and these can have just as a significant impact for the target. “If an enterprise cares about its online services, the best action is to deploy dedicated, always-on, automatic DDoS protection and avoid the need to recover at all,” said Sean.

What is the most optimal way of ensuring resiliency of the Internet in the light of DDoS attacks?

DDoS typically floods the target’s IP address space directly, with its attack traffic, sometimes sending large volumes to “fill the pipe” but, more often, just sending enough volume of traffic to cripple a specific server, service, application or infrastructure device – the only way to ensure online resiliency, is to invest in the latest dedicated DDoS protection solutions, which can protect the entire network infrastructure, delivering always-on automatic protection, with the ability to surgically remove bad DDoS packets and leave the good packets to carry on to their destination. Other -based solutions are available but these typically take in the order of ten minutes, to an hour, to fully engage mitigation, leaving the target fully impacted by the attack in the intervening period.

Can masking DNS or having a secondary DNS be the ultimate safeguard against DDoS attacks?

Implementing best practices and investing in a secondary service can help with DNS resilience but, ultimately, this will not reduce the chances of getting impacted by DDoS attacks.  The main reason being that DDoS typically floods the target’s IP address space directly with its attack traffic, bypassing DNS altogether.

What are the key security measures that, as you see it, can thwart DDoS attacks?

The only way to avoid DDoS attacks having any impact is to deploy dedicated, always-on, automatic DDoS protection and choosing a solution which has the ability to surgically remove bad DDoS packets and leave the good packets to carry on to their destination.

What has been the biggest security challenge for the CIOs in recent times?

The biggest challenge of recent times has been avoiding intellectual property and/or customer details being stolen, en masse, from across the Internet, using carefully planned, advanced, targeted attacks.  And, DDoS has been seen to be used as part of these attacks, creating smokescreen distractions, or making security infrastructure ineffective or blind to the real motive for the attack.

If an enterprise has been hit by a DDoS attack, what best should they do to bring the services back?

Attacks on the scale of Dyn and Github are rare – however, much smaller, more calculated, attacks are experienced by thousands of enterprises on a daily basis and these can have just as a significant impact for the target.

If an enterprise cares about its online services, the best action is to deploy dedicated, always-on, automatic DDoS protection and avoid the need to recover at all.  Without any dedicated DDoS protection in place, they will either have to ride out the attack, hoping it doesn’t last too long, or work with their service provider to block all traffic to the impacted IP address(es) for the duration, so they can begin recovering their services sooner – either way, those services will be offline for their customers for the duration of the attack, which will likely prove extremely costly for lost revenue, reduced customer confidence, and overall reputation damage.
