Cyber Security Institute

Tuesday, January 29, 2013

Report: DDoS attacks harder to detect and defeat

Burlington, Mass.-based network security and management solutions provider Arbor Networks today released its 2012 Worldwide Infrastructure Security Report, which offers an unsettling analysis of the evolving distributed denial of service (DDoS) threat for both service providers and enterprises. “It’s the easiest way to break down a company or attack a network and in many ways we’re seeing it as part of a broader set of attacks that are more sophisticated and conducted by nation states.” Today, according to the report, the threat is even greater, morphing into something called hybrid or multi-vector attacks in which hackers use a variety of channels, devices, and tactics to launch their assaults, leaving data centers especially vulnerable.

DDoS first reared its ugly head in the late 1990s and early 2000s as simple, financially motivated, brute-force attacks in which hackers would attempt to overwhelm network and data center operators with external communication requests, causing system overloads and crashes. Over the years, DDoS attacks have grown in sophistication and efficiency, moving from heavy-handed hardware overloads to application-layer attacks that could look like legitimate network traffic, making it much more difficult to detect and defeat the threat.

“What we’ve seen with the most recent attacks is that it isn’t about how big the attack is – because they weren’t the biggest attacks – it’s about how smart they are,” Moynahan said.

Adding to the challenge is the proliferation of “bring-your-own-device” (BYOD) business models in which companies encourage their employees to use their own smart phones, tablets, and other devices for work, giving hackers more entry points into networks.

To meet the new threats head on, Arbor is going beyond the conventional and increasingly outmoded method of using firewalls and other basic network protection methods that can eventually require too much bandwidth and infrastructure, compromising network availability. To provide its clients with end-to-end traffic visibility to monitor the DDoS threat landscape and minimize risk, Arbor employs a number of solutions, including a new cloud-based active threat level analysis system called ATLAS—a collaborative project in which Arbor clients share anonymous traffic data totaling almost 40 terabytes per second to spot malware and botnet threats across the Internet.


Posted on 01/29