Cloud computing is seeing a steady and undeniable growth in adoption across all types of industries.
Growing just as progressively, however, is the extent to which it puts many corporate networks directly in cyber attackers’ line of fire – most specifically when it comes to distributed denial of service (DDoS) attacks.
The challenge with moving servers and data into the cloud is that it increases the attack surface. Suddenly you’re not the only one at risk from a DDoS attack.
The cloud service provider’s other customers are too, and that can have implications for everybody involved.
An article from The Register says that private cloud is like getting into the same bath as everyone else. “Who are you sharing your servers with? No matter whether your environment is co-located, or a single or multi-tenant hosted environment, you may be rubbing shoulders with other companies less salubrious than yours, [which] draw more attention online. If that attention includes denial of service traffic, your business could suffer.”
“As the article explains, you could be sharing a private cloud data centre with the Westboro Baptist church and should Anonymous decide to teach it a lesson, there may be some spill over,” said Bryan Hamman, Arbor Networks’ Territory Manager for Sub-Saharan Africa.
“Internet of Things (IoT) devices are proliferating across networks, something that brings with it as many business benefits as it does risks.
“According to the latest Annual Worldwide Infrastructure Security Report (WISR) produced by Arbor Networks and released in January 2018, 48% of respondents in the enterprise, government and education (EGE) sector experienced multi-vector attacks, while 57% of this same group saw their internet bandwidth saturated due to DDoS attacks, up from 42% the previous.”
The 2018 WISR notes the following breakdown within targeted customer verticals among its service provider respondents during the period of the report:
- End-user/subscriber: 70% targeted by DDoS attacks
- Financial services: 41% targeted
- Cloud/hosting: 39% targeted
- Government: 37% targeted
- Gaming: 32% targeted
- Education: 29% targeted
- eCommerce: 26% targeted
- Gambling: 21% targeted
- Manufacturing: 14% targeted
- Healthcare: 10% targeted
- Energy/Utilities: 10% targeted
- Law enforcement: 9% targeted
It’s a bitter pill to swallow, says Hamman, but the increase in intelligence and severity of the DDoS attack and its prevalence across devices that operate through or live in the cloud have seen C-suite and company boards moving DDoS defence to the top of their priorities lists.
“Because these attacks are so frequent and intense, attempting to stop them at source is not a practical option,” he says.
“There is also the constant threat of being caught in an attack – even though you may not be the target – but there are actions to be taken that mitigate the harm associated with a DDoS attack, one of which is to deploy multi-layered protection from the edge of the network through to the cloud.”
On-premise protection does well to guard against attacks aimed at the security infrastructure of the organisation and it also prevents stealth attacks that bypass firewalls and intrusion prevention systems, but low-and-slow application-layer attacks generally fly well under the radar of many cloud-based solutions and traditional solution like firewalls and IPS.
These types of attacks can only be detected and blocked by purpose-built intelligent DDoS mitigation solutions. Using a solution of this kind enables users to manually signal the cloud deployment about the attack, while users can also pre-set the on-premise solution to automatically send a cloud signal upstream when a threshold is reached.
“This solution would also proactively protect against high-bandwidth DDoS attacks whilst enabling enterprises to maintain control over DDoS mitigation via the on-premise solution,” added Hamman.
Click below to share this article