SecurityBrief Australia logo
Australia's leading source of security and threat news
Story image
WatchGuard’s eight (terrifying) 2019 security predictions
Story image
The future of privacy: What comes after VPNs?
Story image
SonicWall secures hybrid clouds by simplifying firewall deployment
Story image

DDOS threats – is your business really protected?

29 Jun 18
Sara Barker

Targeted cyber-attacks are now, more than ever, a critical concern for all businesses. Threats from ransomware to DDoS attacks, have been regularly making headlines. There is, without a doubt, a growing awareness of the sheer volume of these attacks and they are hitting businesses of all sizes.

Distributed Denial of Service (DDoS)

DDoS attacks aims to render a server, service or an infrastructure unavailable by overloading the server's bandwidth or monopolising its resources until the point of depletion.

During a DDoS attack, a multitude of requests are sent simultaneously from multiple points across the internet. The intensity of this "crossfire" renders the service unstable, or even worse, unavailable.

An unavoidable phenomenon

It is now easier than ever to launch a DDoS attack. You no longer need advanced technical skills to disrupt a service or make it unavailable. Attacks are increasingly frequent and intense but they are also increasingly sophisticated (and constantly evolving). They are designed to create major disruption that does not only impact the bottom-line, but affects reputation too.

A race against time

The race against time has no finishing line. As the internet’s size and capacity expands, the intensity of the attacks will continue to grow. And their sophistication will grow too.

On the one hand, it is important to consider the mechanisms behind the attacks to continuously improve mitigation tactics. On the other, be aware that attackers are trying to understand how protective mechanisms work to get around them or find a vulnerability to exploit it.

An evolving landscape

Greater reactivity will become standard for an increasing number of users. In the field of the Internet of Things (IoT), for example, detection should lead to an immediate reaction.

Indeed, IoT is quickly going to pose another challenge: how to correctly distinguish a DDoS attack from a massive influx of data from connected sensors, which are multiplying exponentially.

From the ground up

Today’s security teams need to think about implementing solutions before building a robust infrastructure. It is imperative to check protection solutions for automated detections and mitigation of the abnormal increase of inbound traffic (i.e. repetition of the same packets in order to destroy the service).

Specifically:

  • Hardware i.e. own appliance inside the entry of the network: it can be a feature included in a firewall or a dedicated device system such as Arbor equipment. The physical layer will provide better protection for inbound packets.
  • Content Delivery Network (CDN): ensure that your CDN is properly configured in order to protect infrastructure from the request (attack) reaching the service (website, game, telephony etc.)
  • Cloud Service Provider (CSP): does your CSP have an in-house solution which defines approved sources of content to maintain your own protection system for more affordable and stronger solutions

Risk mitigation

To ensure systems are adequately equipped to resist attacks it is imperative to understand DDoS mitigation technologies. Ask questions and do not rest until you have the answers.

What mechanisms do you have in place to protect your infrastructure, is your cloud provider doing their job? Do you have adequate protective measures in place to mitigate the impact of attacks? Is your DDoS protection capable of resisting not only the attacks of today but the attacks of tomorrow?

It is not a question of whether you need anti-DDoS protection, but when you will suffer your first DDoS attack.

Article by OVH lead network engineer APAC, Florian Valette.

More:
Share on: LinkedIn Twitter Facebook
Story image
WatchGuard’s eight (terrifying) 2019 security predictions
Story image
The future of privacy: What comes after VPNs?
Story image
SonicWall secures hybrid clouds by simplifying firewall deployment
What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Bitdefender announces security integration with Kaseya
The new partnership will allow VSA by Kaseya’s cloud and on-premises users to deploy and manage security with Bitdefender Cloud Security for MSPs.
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
Story image
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.
Story image
ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Story image
Ransomware infection? Here’s how you control the damage
Ransomware has evolved to be more sophisticated and targeted, and remains a threat to businesses of all sizes.
Story image
SD-WAN deployments up, but networking and security challenges persist 
The report, commissioned by Barracuda Networks, includes data from more than 900 respondents in the Americas, EMEA, and APAC.
Story image
Is blockchain a solution to IoT security problems?
Could using blockchain to trace and authenticate IoT data, regardless of what that data is be the answer to the problems plaguing the Internet of Things?
Download image
Whitepaper: How to detect and respond to threats faster
This white paper uncovers how UEBA reduces your organisational risk and enables you to respond more quickly to attacks.
Download
Story image
Sponsored
Interview: Building secure apps from the ground up
Security should be a key consideration from the initial design phase before any build even begins.
Story image
Security tips for SMBs moving to the cloud
"SMBs moving to the cloud should assess and prepare for the changes this will bring to their existing security infrastructure."
Story image
Oracle’s bid to deliver end-to-end cloud security
“The new solutions build on Oracle’s existing security heritage and give customers always-on capabilities that make it easier than ever to achieve end-to-end security."
Story image
Sponsored
Modernising your ERP could unlock a potential goldmine
Businesses with the wrong or outdated ERP systems are being deprived of insights and capabilities to drive their business forward.
Download image
What does sustainable compliance look like?
Getting an organisation compliant is one thing, keeping it that way is another.
Download
Story image
Three access management trends making waves in APAC
Consumer identity proofing, authentication, and authorisation will top the $37 billion value mark by 2023.
Story image
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Download image
Using SOLIDWORKS CAD to take an idea from prototype to product
Sound pioneer Nura had an ambitious concept to deliver when it raised almost two million dollars via crowdsourcing and then over five million dollars through a seed round.
Download
Story image
Security experts comment on latest OIAC report
The Office of the Australian Information Commissioner has been notified of 245 data breaches affecting personal information between July and September 2018.
Download image
Whitepaper: Threat detection and risk measurement with machine learning
ResponSight focuses on two key areas of cybersecurity – threat detection and enterprise risk measurement – and the need for more sophisticated approaches in each.
Download
Download image
Avoid underutilising office space with optimisation solutions
Facility managers and security professionals need a real-time view of how their workforce interacts with a building.
Download
Story image
Sponsored
Huge vulnerabilities in software supply chain being exploited
A very exposing report has revealed breaches are rising and response times are falling, largely due to shoddy software development practices.
Download image
Secure your BYOD policies effectively with multi-factor authentication
Multifactor authentication helps organisations secure their cloud applications, privileged access management, VPN access, digital workspaces and company apps in an easy, low-friction method staff can integrate into their workflow easily.
Download
Story image
Digital maturity among APAC CIOs reaches ‘tipping point’
Gartner's new survey has revealed enterprises that fall behind in digital business now will have a serious competitive disadvantage in the future.
Story image
Aus businesses see themselves as prime targets for cyber attacks
The survey of 307 Australian IT and security executives demonstrates the considerable uncertainty faced by businesses in trying to combat cybersecurity threats. 

Download image
The features that should be front and centre when evaluating SIEMs
According to Frost & Sullivan, SIEM can either be an enabler or a retardant and there's a thin line between the two - here's the key attributes.
Download
Story image
Sponsored
You’re invited: Getting proactive about security - an Empired webinar
We all know that proactive security is the best security, but what does that look like? Don’t miss your chance to find out.
Story image
Don’t let your network outgrow your IT team
"IT professionals spend less than half of their time at work optimising their networks and beefing it up against future security threats."
Download image
Whitepaper: Layering security protection for ransomware defense
As cybersecurity threats continue to evolve in complexity, so too does the pressure to have a thorough, well-thought-out, and automated system.
Download
Download image
The security tool conundrum: Can you have too much of a good thing?
Organisations across Asia Pacific are using many different security tools to protect their businesses, but often they have no centralised platform to manage those tools.
Download
Story image
The silent security risk of unstructured data
"IDC estimates that 90% of today’s enterprise data is unstructured."
Download image
Survey: App dev is surging, but how are businesses doing it?
Today “every company is in the software business" to get a competitive edge, and this survey reveals how app dev is affecting IT teams.
Download
Download image
Whitepaper: Why it’s critical to detect cyber attacks as they happen
"Many organisations are struggling to keep pace with the speed in which hackers are attacking their systems."
Download
Download image
Whitepaper: The key to compliance is governing access to data
By implementing a governance-based approach to identity governance, companies can secure their organisation’s sensitive data.
Download
Story image
Sponsored
Impact of legacy technologies on threat alert response and cloud adoption among Aus enterprises
Most Australian enterprises today are hamstrung by the same technologies that once helped advance the nation’s IT economy.
Link image
Increase visibility and productivity with fleet tracking software
Know what’s going on in the field so you can dispatch more efficiently, improve customer service and reduce time spent calling drivers for updates.
Read more
Story image
Sponsored
Cyber crisis continues unabated – is ATP the answer?
Statistics on cybercrime certainly makes for grim reading, and that is set to continue unless businesses take measures to stack the odds better in their favour.
Story image
Combatting the rise of Cybercrime-as-a-Service
Amateur cybercriminals (or anyone with a grudge), can execute spam attacks, steal people’s identities, and more. 
Download image
Whitepaper: The evolution of physical access control
Despite the enhanced security and convenience that comes from newer options, many organisations are still using outdated and vulnerable access control technology.
Download
Story image
Sponsored
Five major risks of letting shadow IT go unchecked
A department creating its own bespoke IT solution may sound like a good idea, but are the risks really worth it?
Story image
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.
Story image
LogRhythm reports higher-than-anticipated SOAR adoption rate
The company’s embedded security orchestration, automation and response (SOAR) capabilities are embedded in its security information and event management offering.
Story image
Why operational technology environments need to be secured
By understanding the cybersecurity risks in OT, decision-makers are better placed to make smart buying decisions.
Download image
Whitepaper: An inside look at the benefits of cloud
"Cloud computing is revolutionising business, enabling organisations to move faster, spend less and deliver greater value."
Download
Story image
Details of 9mil compromised in Cathay Pacific data leak
Twenty-seven credit card numbers with no CVV were accessed, and the combination of data accessed varies for each affected passenger.
Download image
Cutting through the noise with AI-driven threat analytics
SANS has provided an independent review of a new AI analytics solution designed to rescue businesses 'drowning in data' from SIEM platforms.
Download
Story image
Secure Logic calls on Federal Govt to introduce IoT regulation
“The vast majority of people are not aware of the significant risks posed by unsecured IoT devices.”
Story image
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Story image
2018’s worst malware revealed in report
Webroot has highlighted the top cyberattacks of 2018 in its latest Nastiest Malware list, which showcases the malware and attack payloads that have been most detrimental to organisations.
Download image
The six golden keys to successful identity assurance
When someone tries to access your internal systems, how can you be sure a user is who they claim to be?
Download
Download image
GDPR compliance: A step-by-step guide
The GDPR affects any company that deals with individuals living in the EU and has very specific requirements for the treatment of their personal
Download
Story image
Sponsored
Case study: Startup revamps systems with HID mobile access
“We want our clients to have the best experience here. This is the reason why we chose to work with HID Global solutions."
Story image
ThreatQuotient partners with Visa for payments safety
“Cyber criminals are reusing tactics, techniques and procedures, leaving a recognisable trail of breadcrumbs and insights into the very attacks they are launching.”
Story image
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).
Story image
Voter databases available on the dark web - report
A Carbon Black threat report has revealed that destructive cyberattacks are increasing ahead of 2018 US midterm elections.
Story image
McAfee report shows cloud storage remains vulnerable to attack
The report revealed that nearly a quarter of the data in the cloud can be categorised as sensitive, putting an organisation at risk if stolen or leaked. 
Story image
Opinion: Router security leaving major cyber exposure gap
Hardware is frequently tossed to one side upon installation and left to fester without security updates.
Story image
Security cameras – a latent botnet network?
In a comparison of 16 indoor and outdoor IP surveillance cameras, researchers found only one well-protected device.
Story image
Gartner names Bitglass a leader in cloud security
Bitglass was evaluated based on its ability to execute and its completeness of vision.
Story image
Oracle’s Ellison calls out Amazon with next-gen cloud
Larry Ellison claims the rest of the cloud market is based on decade old technology with poor security, comparing Oracle's new offering with Amazon.
Story image
It's official: Microsoft now owns GitHub
The US$7.5 billion deal brings Microsoft closer to the heart of developer communities; with new CEO Nat Friedman replacing former GitHub CEO and co-founder Chris Wanstrath.
Story image
How phishing is evolving to outpace awareness
While email providers have made strides in flagging suspicious emails and source domains, reducing the effectiveness of attacks, attackers’ techniques have also evolved.
Story image
Gartner: data risk audit executives’ top concern for 2019
Annual Audit Plan Hot Spots Report reveals multiple risks and a lack of preparation around corporate data and analytics efforts.
Story image
It's time to rethink your back-up and recovery strategy
"It is becoming apparent that legacy approaches to backup and recovery may no longer be sufficient for most organisations."
Story image
Organisations lack holistic approach to data protection
It is paramount for organisations to have a clear understanding of what data protection is and close the gaps in their protection strategies.
Story image
How ERP can be used to boost business efficiency
"When an ERP solution runs major functions of a business resilience should be built into the technology."
Story image
Sponsored
How to effectively implement a software-defined secure network
The unified SDSN platform combines policy, detection, and enforcement with a comprehensive product portfolio.
Story image
Bitdefender expands offerings with RedSocks acquisition
RedSocks provides non-intrusive, real-time breach detection solutions and incident response services.
Story image
4 tips to keep safe when phishing for treats this Halloween
Jason Howells shares Barracuda MSP's top four tips to protect your business and help identify a phishing scam from a mile away.
Story image
There’s nothing scarier than a data outage
"Stop to imagine what a data outage could look like, a city brought to a complete halt, like a scene out of a horror movie – no power, no hospitals, no transport."