DDoS solutions revamp: The need of the hour


By Sanjai Gangadharan

The development of artificial intelligence (AI) and its impact on our day-to-day mundane tasks is growing at an exponential rate. As much as it is a blessing that eases our lives, a plethora of challenges is also attached to these conveniences. Powering AI with deep learning and big data involves handling the data securely. The data – structured and unstructured – coming from individuals and businesses alike, is always under a security threat. Even the Ministry of Defence (India) website suffered an attack on April 6 from hackers, raising concerns about national security.

Huge amounts of data that are up on the internet, and accessed by billions of people across the world, are highly prone to DDoS attacks. Malware is often developed at rates faster than the software itself. The Mirai malware, which hacked IoT devices like poorly secured cameras and routers, was strong enough to render the whole country of Liberia offline.

The Mirai attack simultaneously affected the telecommunications of 164 countries, including Vietnam, China, the United States, Russia and Brazil. The catch about DDoS attacks is that, as they get smarter, the owner of the hacked property might not even realise that they have been hacked until the server crashes from overload. This is a huge threat which might even lead to classified data being compromised, without anyone being aware of it until things go visibly berserk.

When cyber-crime investigative journalist Brian Krebs’ website was attacked by Mirai, the size of the attack was close to 620 Gbps, as opposed to the largest DDoS assault of 363 Gbps previously known to Akamai, Krebs’ website security provider. The fact that the source code for most DDoS malware is freely available on the internet makes the war against malware a difficult one.

The cause and effect
The motives of DDoS attacks range from flimsy to conspiratorial. Heavy traffic is forced onto servers using botnets of compromised systems distributed all over the world. This could be done by terrorists, fraudsters demanding ransom, political extremists or even school students as a part of their assignments. The assaulter can remotely access the compromised systems and make them perform desired tasks – like alter the server, gather data, do surveillance of a particular area, or trigger a system wipe-out. In less lethal cases, a DDoS attack might just be to have a view of the competitor’s business.

The fact that DDoS attacks are distributed over a network of computers (sometimes numbering in the millions) makes detection and protection all the harder. The breadth/width/geo-diverse expansion of attacks is what makes building a defence tricky – organisations may not realise what they are defending themselves against.

What’s the best DDoS solution?
As all technology innovations do, DDoS malware also evolves every day, with more weapons and fewer loopholes. This will be one challenge to be addressed by any upcoming DDoS solution. Customising the solution to the types of attack the business is most prone to is another roadblock to be removed in devising an effective, efficient DDoS security system. Telcos, pure-play providers, content delivery network (CDN) providers, security vendors, and managed security providers supply DDoS security solutions. Organisations' lack of awareness about the versatility of DDoS attacks and products results in them choosing the wrong solution – often without integration across platforms. Hence, consistency and regular upgrades have to be the cornerstones of DDoS solutions.

The second challenge for organisations in choosing the right DDoS solution is the budget constraint. While allocating resources, business leaders have to prioritise between spending money on securing the organisation against prevailing problems and bucking up against attacks in the foreseeable future. While both are equally important and a balance is what should be achieved between the two, businesses seem to be just rolling the dice and reaching a decision.

What the web needs is a DDoS solution that can address the wide range of attacks available to attackers today as well as zero-day threats. The ideal DDoS solution should have cloud scrubbing along with on-premise protection. This will give businesses complete protection against volumetric, network protocol, application, slow and low, multi-vector, and IoT-based attacks. Integration and interchangeability of solutions is also key in maneuvering through protection exercises across platforms and locations.

An adaptive solution, which is future-ready and can actively mitigate attacks against the newest IPv6 protocols and networks, is going to be the perfect one-stop solution for DDoS attacks of the present and the times ahead.

(The author is the Regional Director – SAARC at A10 Networks)