Australia
Story image

DDOS threats – is your business really protected?

29 Jun 2018
Sara Barker
Share:
LinkedIn
Twitter
Facebook

Targeted cyber-attacks are now, more than ever, a critical concern for all businesses. Threats from ransomware to DDoS attacks, have been regularly making headlines. There is, without a doubt, a growing awareness of the sheer volume of these attacks and they are hitting businesses of all sizes.

Distributed Denial of Service (DDoS)

DDoS attacks aims to render a server, service or an infrastructure unavailable by overloading the server's bandwidth or monopolising its resources until the point of depletion.

During a DDoS attack, a multitude of requests are sent simultaneously from multiple points across the internet. The intensity of this "crossfire" renders the service unstable, or even worse, unavailable.

An unavoidable phenomenon

It is now easier than ever to launch a DDoS attack. You no longer need advanced technical skills to disrupt a service or make it unavailable. Attacks are increasingly frequent and intense but they are also increasingly sophisticated (and constantly evolving). They are designed to create major disruption that does not only impact the bottom-line, but affects reputation too.

A race against time

The race against time has no finishing line. As the internet’s size and capacity expands, the intensity of the attacks will continue to grow. And their sophistication will grow too.

On the one hand, it is important to consider the mechanisms behind the attacks to continuously improve mitigation tactics. On the other, be aware that attackers are trying to understand how protective mechanisms work to get around them or find a vulnerability to exploit it.

An evolving landscape

Greater reactivity will become standard for an increasing number of users. In the field of the Internet of Things (IoT), for example, detection should lead to an immediate reaction.

Indeed, IoT is quickly going to pose another challenge: how to correctly distinguish a DDoS attack from a massive influx of data from connected sensors, which are multiplying exponentially.

From the ground up

Today’s security teams need to think about implementing solutions before building a robust infrastructure. It is imperative to check protection solutions for automated detections and mitigation of the abnormal increase of inbound traffic (i.e. repetition of the same packets in order to destroy the service).

Specifically:

  • Hardware i.e. own appliance inside the entry of the network: it can be a feature included in a firewall or a dedicated device system such as Arbor equipment. The physical layer will provide better protection for inbound packets.
  • Content Delivery Network (CDN): ensure that your CDN is properly configured in order to protect infrastructure from the request (attack) reaching the service (website, game, telephony etc.)
  • Cloud Service Provider (CSP): does your CSP have an in-house solution which defines approved sources of content to maintain your own protection system for more affordable and stronger solutions

Risk mitigation

To ensure systems are adequately equipped to resist attacks it is imperative to understand DDoS mitigation technologies. Ask questions and do not rest until you have the answers.

What mechanisms do you have in place to protect your infrastructure, is your cloud provider doing their job? Do you have adequate protective measures in place to mitigate the impact of attacks? Is your DDoS protection capable of resisting not only the attacks of today but the attacks of tomorrow?

It is not a question of whether you need anti-DDoS protection, but when you will suffer your first DDoS attack.

Article by OVH lead network engineer APAC, Florian Valette.

Related stories:
Businesses not adopting reasonable care standard for security
DNS amplification attacks increase 1000% since last year - Nexusguard
Second Akamai scrubbing centre opens in Melbourne
DDoS attacks on the rise despite taking a summer break 
Only 20% of organisations use cloud DLP – Bitglass
ThetaRay offering uses AI against financial cybercrime
Dig deeper:
Story image
22 Nov
Local governments need to act to protect privacy of citizens
"We are seeing a real-world effect of technology creep on our privacy rights in Australian cities through the rapid expansion of surveillance technology in public spaces."More
Download image
Key aspects of designing a secure data centre
When considering data centre security, you will need to decide which security functions need to be deployed and where you want to deploy them.More
Story image
02 Dec
Interview: Cloudera on why analytics is key in the fight against financial crime
Cloudera’s co-managing director of financial services, Dr Richard Harmon, shares his thoughts about financial crime and how analytics can shape the next generation of financial crime prevention.More
Story image
Today
Norton 360, best all-in-one internet safety package
A Norton 360 Premium one-year subscription protects up to five of your devices, including your Mac, PC, iOS, and Android devices. More
Story image
20 Nov
GlobalData: A/NZ security service spending set to skyrocket
Australia and New Zealand are estimated to witness the highest compound annual growth rates (CAGR).More
Story image
06 Dec
Organisations still not getting cybersecurity fundamentals right - Wavelink
Research shows that nearly 60% of organisations that suffered a data breach in the two years between 2016 and 2018 fell victim to a known vulnerability with patches available.More
Story image
Local governments need to act to protect privacy of citizens
"We are seeing a real-world effect of technology creep on our privacy rights in Australian cities through the rapid expansion of surveillance technology in public spaces."More
Download image
Key aspects of designing a secure data centre
When considering data centre security, you will need to decide which security functions need to be deployed and where you want to deploy them.More
Story image
Interview: Cloudera on why analytics is key in the fight against financial crime
Cloudera’s co-managing director of financial services, Dr Richard Harmon, shares his thoughts about financial crime and how analytics can shape the next generation of financial crime prevention.More
Story image
Norton 360, best all-in-one internet safety package
A Norton 360 Premium one-year subscription protects up to five of your devices, including your Mac, PC, iOS, and Android devices. More
Story image
GlobalData: A/NZ security service spending set to skyrocket
Australia and New Zealand are estimated to witness the highest compound annual growth rates (CAGR).More
Story image
Organisations still not getting cybersecurity fundamentals right - Wavelink
Research shows that nearly 60% of organisations that suffered a data breach in the two years between 2016 and 2018 fell victim to a known vulnerability with patches available.More
Story image
Druva extends data protection capabilities for AWS workloads
Capabilities include backup and data management, and long-term archiving for Amazon Elastic Block Store (EBS) snapshots.More
Link image
White Paper: Choosing the right Business Continuity and Disaster Recovery service provider.
You have designed your Business Continuity Plan and the next step is to choose your service provider. What are the most important things you should consider when choosing one for your business?More
Story image
Fortinet unveils dynamic cloud security integrations for AWS
“The cloud provides a number of business-critical benefits, and having the right security solutions in place is key in successful cloud operations.”More
Story image
Fortune 500 firms weigh in on equipment failure risk
Fortune 500 companies are increasingly concerned about the risks of critical equipment failure and cyber attacks on industrial control systems.More
Story image
Black Friday fraud: Who foots the bill?
“Given the incredibly high volume of transactions over the coming weekend, and indeed the whole festive period, often merchants will accept that fraud will be higher than usual."More
Story image
Parents unsure how to approach 'the dangers of the digital world'
A new report finds that Australian parents are aware of digital threats, but they lack confidence when it comes to knowing how to deal with safety.More
Story image
Trend Micro leads market share for hybrid cloud security - IDC
Software-defined compute technologies are often used in the context of public or private clouds, but can also be implemented in non-cloud environments.More
Story image
Disney+: Is it safe to subscribe?
"Excitement has been building for Disney+ and while it's in limited release, people will seek out alternative means to use the platform."More
Story image
Businesses not adopting reasonable care standard for security
One of the most serious disconnects between CISOs and other business leaders is their approach to the reasonable care standard for security and resiliency, Wavelink says. More
Story image
Microsoft-backed security firm SpyCloud amplifies enterprise protection
Cybersecurity firm SpyCloud is an up-and-coming star in cybersecurity – and with US$21 million from Microsoft’s venture fund behind it, SpyCloud’s future is almost limitless.More
Story image
Cyberattacks becoming increasingly targeted in nature, research finds
The number of unique cyber incidents have increase for third quarter of 2019, according to a new report on the cybersecurity threatscape.More
Story image
Hands-on review: Protect your family from cyberthreats with ESET Smart Security Premium
Smart Security is an antivirus, anti-theft, and antispam module for Windows devices, and has additional features such as parental controls, file encryption, and parental controls. More
Story image
Sophos launches threat intelligence & analysis platform for developers
Sophos’ cloud-based threat intelligence and analysis platform is now available to those who are building applications.More
Download image
The dummies guide to sussing out MSSPs
A pure DIY approach might not be tenable for your organisation depending on your maturity and business goals.More
Download image
The ultimate test: Can these firewalls stand up to malware attacks?
With a multitude of solutions on the market, ESG decided to use malware attacks to evaluate market solutions like Juniper Networks’ automated threat detection and remediation.More
Download image
AWS need not be a minefield: Optimising the cloud journey for real results
Find high-performance outcomes through your use of AWS, and save time and money whilst doing so.More
Story image
APT groups conducting more targeted intrusions – Accenture
Analysts now see an emergence of malware executed through web browsers focused on targeting online merchants and retailers specifically.More
Story image
Hands-on review: ESET Endpoint Protection Advanced Cloud
ESET Endpoint Protection Advanced Cloud is an umbrella of security for business users that integrates the most essential endpoint products.More
Story image
NordVPN launches password manager
Users can download user-friendly browser extensions for Chrome, Firefox, Opera, Brave, Edge, and Vivaldi. More
Story image
Are organisations ready for Zero Trust?
Despite its clear benefits, very few organisations have turned the concept of Zero Trust into a security practice, Forescout finds.More
Story image
Black Friday alert: Financial botnets targeting e-commerce apparel sites
Black Friday is arguably the most anticipated retail sales period in the world, when brands offer consumers the largest discounts and promotional offers.More
Unlocking the potential of unified cybersecurity
To effectively combat these cybercriminals, enterprise security teams must simplify and automate their network and security architecture.More
Ensuring digital transformation doesn't turn into a digital disaster
“Be very clear about what are the risks are you exposed to within any solution, and understand those risks clearly from a business impact perspective."More
Keep your business and personnel operational when disasters strike.
When the unexpected happens, eliminate downtime and business disruptions at Interactive’s Premium Business Continuity facilities. All are equipped with the latest communications, security, power technology and data centres.More
Gartner names Zscaler Leader in secure web gateways
The Zscaler platform processes more than 70 billion transactions and detects approximately 100 million threats per day across 185 countries.More
Hybrid cloud connectivity with VMware Cloud on AWS
The forum introduced the forthcoming VMware Cloud on AWS service managed by Rackspace to business leaders in Australia. More
Defuse the security vs innovation tensions in your workplace
Business leaders can start to address this conflict by asking themselves: “How do we confidently manage the cyber risks inherent in our digital strategy?”More
ANZ Bank warns businesses and customers of phishing scam
"This sole purpose of this elaborate phishing scam is to harvest the login credentials of ANZ customers so the criminals behind this scam can break into their bank accounts."More
OpenText to drop US$1.4B to acquire Carbonite
“This acquisition will further strengthen OpenText as a leader in cloud platforms, complete end-point security and protection.”More
Photo gallery: Inside Microsoft's new Experience Center Asia
Microsoft's Asia Experience Center opened just last week, and already it is attracting customers and partners from around the world. More
New security distributor launches in A/NZ
Started by veteran channel leader, Paul Lim, industry experts Ben Minski and Bill Gatsios will work alongside Paul in spearheading the business.More
Report: The evolution and proliferation of banking malware
Fortinet’s quarterly threat report has the latest on trends and updates on threat actors and attack patterns, showing some surprising findings. More
Interview: Microsoft's Diana Kelley talks talent gaps and D&I
Kelley recently spoke at Microsoft Asia’s new Experience Center, where she talked through her experience as a security CTO, as well as IoT security, what’s ahead in 2020, and diversity and inclusion both in the cybersecurity sector, and in technology.More
Beating public sector procurement fraud – SAS
The single biggest source of crime experienced by public sector entities is the internal employee in a position of trust.More
The BYOD juggling act: balancing security, privacy and mobility
Left unmanaged, personal devices and unmanaged cloud applications can lead to data loss, but if managed too strictly, the IT team risks a backlash from unhappy employees, Bitglass says. More
Enterprises embrace cloud but struggle to assert security & control
Only 11% of respondents said their companies have been ‘extremely successful’ in realising what multi-cloud can do for their organisation.More
Why businesses must build their cloud expertise
Nearly three-quarters of IT decision-makers (71%) believe their organisations have lost revenue due to a lack of cloud expertise.More
Veeam launches AWS-native backup & recovery solution on AWS Marketplace
Veeam Backup for Amazon Web Services (AWS) will be available exclusively through AWS Marketplace as both a free and paid version.More
Venafi uncovers suspicious retail lookalike domains using valid certificates
The total number of certificates using lookalike domains is more than 400% greater than the number of authentic retail domains.More
More stories