How to feel safe in the face of DDoS attacks?
DDoS (Distributed Denial of Service) attacks are characterized by the sending of millions of requests to an IP resource (application, server, router, network) to saturate its capacity, making the service unavailable on the Internet. In recent months, cyber-security specialists have observed a rise in the volume of attacks, as evidenced by the following:
09/22/2016: KrebsOnSecurity, the blog of a journalist and researcher specializing in cyber security, suffered an attack of 600 Gb per second. According to Andy Ellis, CISO of Akamai (cyber-security expert), the botnet behind this attack could be active on 1 million devices. The number of devices remains unknown to date.
09/26/2016: OVH was hit by the largest volumetric attack in history, at 1 Tb per second. This attack was carried out by a botnet consisting of more than 145,000 surveillance cameras.
21/10/2016: Dyn was the victim of an extremely powerful attack; no data on its volume is available to date. Nevertheless, we know that malware named Mirai was at the origin of the attack, with nearly 500,000 devices such as cameras, home routers or baby monitors.
What these recent attacks have in common is the Internet of Things (IoT), used as a launching pad to bring companies to their knees; the number of victims has been increasing lately.
With nearly 21 billion Internet of Things devices expected to be connected by 2020, according to Gartner, botnets made up of often poorly secured objects could cause much more damage than they do today. The challenge for businesses is to cope with this growing threat.
Fortunately, some targets were well protected and managed to ensure that their services were not interrupted.
So how do you stop such attacks?
First and foremost, choose a provider recognized in the market for its protection solutions. A multitude of security specialists offer their own traffic-cleaning solution (DDoS mitigation). But not all service providers are equal; key criteria should be used to select the right partner:
Let's start with the equipment used: it must be up to date, for both cleaning (mitigation) and detection. Vendors such as Cisco (mitigation) and Radware (detection) are examples of good-quality equipment with the latest features on the market. Arbor Pravail is also worth citing as a global reference for detecting and blocking DDoS attacks, with systems that are constantly updated.
The solution itself must be able to protect you against large volumetric attacks. You should therefore favour a provider with a high capacity to absorb attack traffic.
In this respect, Tier 1 telecom operators are in a strong position thanks to the capacity and reach of their networks, which give them greater visibility of global Internet traffic. Some telecom operators have implemented BGP Flow Spec (an extension of the BGP routing protocol), which lets them extend their mitigation capacity to their network edges. This allows them to push the latest attack signatures to routers and stop attacks from entering the operator's network.
It is also important that your provider can protect you as close to the origin of the attack as possible. Check the geographic location of its scrubbing centers (mitigation centers) to optimize protection. Attacks should be handled upstream, at the scrubbing center nearest to the source of the attack, rather than inside your own network infrastructure.
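To make the Flow Spec mechanism mentioned above concrete, here is an added example (not code from this article or from any operator) that encodes a filter rule in the BGP Flow Spec wire format of RFC 8955, together with the traffic-rate community whose zero value tells edge routers to discard matching traffic. The prefix, ports and AS number are constructed sample values, and the function names are this example's own.

```python
import ipaddress
import struct

# Flow Spec component types (RFC 8955)
DST_PREFIX, SRC_PREFIX, IP_PROTO, DST_PORT, SRC_PORT = 1, 2, 3, 5, 6

def _prefix(ctype, cidr):
    net = ipaddress.IPv4Network(cidr)
    nbytes = (net.prefixlen + 7) // 8   # only the significant octets are sent
    return bytes([ctype, net.prefixlen]) + net.network_address.packed[:nbytes]

def _numeric_eq(ctype, values):
    """Encode 'field equals v1 OR v2 ...' as a list of {operator, value} pairs."""
    out = bytearray([ctype])
    for i, v in enumerate(values):
        size = 1 if v < 256 else 2
        op = 0x01                        # eq bit
        if size == 2:
            op |= 0x10                   # len field: value occupies 1 << len octets
        if i == len(values) - 1:
            op |= 0x80                   # end-of-list bit on the last pair
        out.append(op)
        out += v.to_bytes(size, "big")
    return bytes(out)

def encode_flowspec_nlri(dst=None, src=None, protos=(), dst_ports=(), src_ports=()):
    """Build one IPv4 Flow Spec NLRI; components go in ascending type order."""
    body = b""
    if dst:
        body += _prefix(DST_PREFIX, dst)
    if src:
        body += _prefix(SRC_PREFIX, src)
    for ctype, values in ((IP_PROTO, protos), (DST_PORT, dst_ports), (SRC_PORT, src_ports)):
        if values:
            body += _numeric_eq(ctype, list(values))
    if len(body) >= 240:
        raise ValueError("two-octet NLRI length is not handled in this example")
    return bytes([len(body)]) + body

def traffic_rate_community(asn, bytes_per_second):
    """Traffic-rate extended community (0x8006); a rate of 0 means discard."""
    return struct.pack("!BBHf", 0x80, 0x06, asn, bytes_per_second)

if __name__ == "__main__":
    # Constructed sample: drop UDP to port 53 aimed at 203.0.113.10 (documentation range)
    rule = encode_flowspec_nlri(dst="203.0.113.10/32", protos=[17], dst_ports=[53])
    print(rule.hex(), traffic_rate_community(64496, 0.0).hex())
```

A rule like this is announced once over BGP and installed by every edge router that accepts it, which is why the filtering happens at the operator's border rather than in the customer's network.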
Olivier Lamarre, Account Manager
Level 3 Communications
55 Av. des Champs Pierreux 92000 Nanterre, France
Phone : +33 (0)1 82 88 46 98
Mobile : +33 (0)6 26 84 75 86 Email : olivier.lamarre@level3.com