Security Strategies

SlideshowWindstream Joins DDoS Mitigation Effort

Yulot 10/25/2017 | 9:33:48 AM
DDoS are not all volumetric A common error across the industry is to only associate DDoS to volumetric attacks (i.e. a wave of layer 3 traffic meant to congest the internet pipe or exhaust data center equipments). Historically the first large denial of service attacks some 10+ years ago were volumetric in essence, however today volumetric attacks only represent 25% of the DDoS campaigns across the industry and most attacks causing denial of services use multiple vectors in a strategic way (volumetric too, but synchronized DNS queries from botnets, low bandwidth attacks like slowloris, brute force, etc..., they also use the growing encrypted traffic as trojan horse, etc).

Some providers are better prepared than others. But too many only look for traffic increase above a "normal" threshold and base their mitigation on getting rid of whatever traffic is above that arbitrary value. It does not necessarily mean they are mitigating attacks accurately (sometimes denying good traffic themselves). In addition, if they are providing security/DDoS services to 3rd party enterprises or government organizations which rely on their online presence to sell or operate, this will result in mitigating good traffic and revenue altogether (in particular during high traffic season like Black Friday or other flash crowd events).

The attacks on Spanish government bodies and some companies by Anonymous in Spain last week (in retaliation for the Catalan independence attempt) went through providers DDoS cloud like a hot knife through butter. They did not even realize their customers had several hours outages. So very important to understand what for vectors are protected by their service (going deeper than DDoS)? how do they detect? how long takes detection vs mitigation? Is it done by humans or behavioral technology based? etc...

Michelle 10/24/2017 | 8:12:36 PM
Joining the ranks This is good. I don't know a lot about DDoS mitigation, but this solution seems like a good option.
Sign In