Managed DDoS mitigation service is the most cost-effective solution against DDoS attacks

(01/06/2010)

DDoS attacks are increasing in frequency, scale and sophistication. A report by Forrester found that just under 75 percent of respondents had been a victim of one or more DDoS attacks within the past year. All affected organisations were from varying sectors but said the consequences were the same: their ISP’s services were disrupted and their companies consequently lost revenue.

Last week CNN reported that Media Temple, the web hosting provider for a range of blue chip companies, being hit with a sophisticated distributed denial of service attack. The Associated Press also reported that a Nebraska man has been sentenced to a year in federal prison for his role in a cyber attack on the Church of Scientology's websites two years ago.

VeriSign security expert Matthew Bruun commented, “This case highlights the gravity of the situation around DDoS attacks. The fact that the attack against the Church of Scientology was recognised as a serious cyber crime – to the extent that the perpetrator went to prison for it – shows the seriousness of this sinister threat. The losses a business can incur through a targeted DDoS attack are enormous, even if they’re not out of action for long. We have typically found that businesses attempt to protect themselves with dated measures such as over-bandwidth provisioning, which are costly and ineffective.”

Businesses should consider investing in managed services. Bruun comments, “For a growing number of organisations, the most cost-effective and comprehensive solution is a managed DDoS mitigation service.” Managed DDoS mitigation services provide benefits in-house solutions cannot, including:
· The ability to “scrub” packets and divert malicious traffic while still in the cloud
· An inherently larger capacity to handle traffic and efficiently divert malicious traffic
· Built-in massive bandwidth and multiple NOCs for redundancy and high availability
· DDoS mitigation expertise and around-the-clock staffing
· A more global view of Internet traffic, threats and attack trends
· Carrier and ISP neutrality, enabling equal levels of protection across all the carriers and ISPs an organisation uses worldwide

To mitigate the risks of DDoS attacks, companies would also benefit from employing the following practices:

1. Centralise data gathering and understand trends. It’s vital to understand what normal network traffic looks like, and to identify anomalies quickly and accurately. By working with expert security researchers, organisations can better track trends and threats. And they can implement effective DDoS-specific alerting, logging and reporting systems.

2. Define a clear escalation path. A fast and effective response is key to mitigating DDoS attacks, so enterprises need systematic processes and methodologies in place. For instance, defining incident response teams and preparing for downtime before an attack occurs can restore operations sooner, with less devastating effects.

3. Use layered filtering. Even as unwanted network traffic is blocked, legitimate traffic must be allowed through with minimal latency. Filtering traffic in layers, rate-limiting traffic, and enhancing rule sets over time all are key to achieving this.

4. Build in flexibility and scalability. A scalable, flexible infrastructure helps ensure systems function properly under attack conditions. IT managers should test the limits of IT components to know their breaking points; enforce hardware and software diversity so an attack targeting one platform doesn’t bring down the entire network; and do what it takes to provide on-demand capacity within a load-balanced infrastructure.

5. Address application and configuration issues. With DDoS attacks evolving from brute force traffic floods to subtle infiltrations of the application layer, organisations need better insight into application thresholds and vulnerabilities. Business should address simplistic configurations and common application vulnerabilities.

Related topics:  Hacking and intrusion prevention 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources