Wednesday, 1 June 2016 ehdf

Distributed Denial of Service Attacks: How They Changed in 2015

Simply setting up an IT Infrastructure with the best equipment, software and management is not enough. As many big companies learnt the hard way, a proactive approach to security is central to good customer service and robust market reputation.

The Distributed Denial of Service Attack (DDoS) in 2015

There are many ways in which a company and its data are rendered vulnerable. There might be accidental breaches initiated by employees. There might be virus attacks. And there might be problems created by the discreet and undetected installation of malware by supposedly legitimate applications. But the threat that is looming the largest on the horizons of companies is that of DDoS attacks. In layman’s terms, a DDoS attack attempts to exhaust the resources of a server and overwhelm it by bombarding it with a huge number of data requests. Under such a relentless onslaught, the entire network succumbs and the legitimate users of a website or an app are denied much-needed service. The ‘Distributed’ in DDoS stands for the fact that the packets causing the problem originate from multiple machines in different geographic locations, making it extremely tricky to remedy the situation.

Even though DDoS attacks have been around for a very long time, 2015 saw some startling and disturbing developments which should make companies sit up and take more robust and sophisticated precautions.

- A survey by Arbor Networks Inc. shows that the average size of a DDoS attack increased, both in terms of the number of bits per second and the number of packets per second. In fact, more than 21% of attacks routinely topped the 1GB/second mark.

- Reflection amplification attacks are unfortunately becoming more and more popular. Many network boundaries lack filters that would deny access to packets or queries with forged IP addresses. Exploiting that gap has added fuel to the fire, allowing hackers to obscure the origin of the attack and achieve instant amplification in malicious query volume.

- Multi-vector DDoS attacks are being mounted with greater precision. Not only are volumetric assaults exhausting the available bandwidth of a network, state exhaustion attacks are taking advantage of firewalls and depleting the capacity of the state connection tables as well, effectively blocking out innocent users.

Here are three things that can be done to mitigate DDoS Attacks of the future:

Traditional security no longer protects against DDoS attacks, which are rapidly becoming more sophisticated. Companies must make a technological leap and position themselves one step ahead of hackers to safeguard their best interests.

1. Border patrolling is a must: Nip the problem in the bud by staying on guard near the boundaries of your business network. Deploy appliance-based solutions that detect requests from forged IPs or unusual activity and close down network access immediately. Striving to stop the attack once it is in the system is a Herculean task.

2. Communication with Hosts and ISPs is essential: If you are prepared but your providers are blithely unaware of their responsibilities, then your security is bound to be compromised. Draw up SLAs that specify how your hosts are supposed to act and remedy the situation if your co-tenants are attacked by a DDoS onslaught.

3. Use Adaptable Security Units: They are expensive, but adaptable security units are capable of sampling packets/data from an attack and updating their protection algorithms to best tackle the situation. Some have point-to-point attack mitigation capacities of up to 40GB/sec, which is enough to handle most DDoS onslaughts.
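
The border check from item 1, which is also the boundary filter whose absence enables reflection amplification, can be sketched as a source-address test on traffic crossing the network edge. This is an added example, not code from the original post; the site prefix (203.0.113.0/24), the abbreviated bogon list and the flow records are constructed assumptions.

```python
import ipaddress

# Assumption: the site's own address space (a documentation range stands in here).
SITE_PREFIXES = [ipaddress.ip_network("203.0.113.0/24")]
# Sources that must never arrive from the Internet side (abbreviated list).
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]

def in_any(addr, networks):
    return any(addr in net for net in networks)

def border_verdict(direction, src):
    """Decide whether a packet may cross the border, judged by its source address."""
    addr = ipaddress.ip_address(src)
    if direction == "inbound":
        if in_any(addr, SITE_PREFIXES):
            return "drop: inbound packet claims an internal source"
        if in_any(addr, BOGONS):
            return "drop: inbound packet from a non-routable source"
    elif direction == "outbound":
        # Egress check: only the site's own addresses may appear as the
        # source of traffic leaving the network.
        if not in_any(addr, SITE_PREFIXES):
            return "drop: outbound packet with a source outside site prefixes"
    else:
        raise ValueError(f"unknown direction: {direction}")
    return "pass"

def filter_flows(flows):
    """Split (direction, src, dst) records into passed and dropped lists."""
    passed, dropped = [], []
    for direction, src, dst in flows:
        verdict = border_verdict(direction, src)
        target = passed if verdict == "pass" else dropped
        target.append((direction, src, dst, verdict))
    return passed, dropped

# Constructed sample records, not real traffic.
SAMPLE_FLOWS = [
    ("inbound", "198.51.100.7", "203.0.113.10"),    # ordinary external client
    ("inbound", "203.0.113.99", "203.0.113.10"),    # forged: claims to be internal
    ("inbound", "10.0.0.5", "203.0.113.10"),        # forged: private address
    ("outbound", "203.0.113.20", "198.51.100.53"),  # legitimate internal host
    ("outbound", "198.51.100.200", "192.0.2.53"),   # forged source leaving the site
]

if __name__ == "__main__":
    passed, dropped = filter_flows(SAMPLE_FLOWS)
    for record in dropped:
        print(record)
    print(f"{len(passed)} passed, {len(dropped)} dropped")
```

A production filter would load the full bogon set and the real site prefixes from configuration and enforce the verdict on the border device itself.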
