SDN & NFV Amplify Security Threat – Allot
The use of SDN and NFV technologies could further expose telecom networks to cyber attacks, according to a senior executive from Israel's Allot Communications.
Jay Klein, Allot Ltd. (Nasdaq: ALLT)'s CTO, has issued a stark warning that SDN could "amplify" the security problem by "creating lots of stupid nodes reporting back to a central location."
"The central location has better visibility of what's happening on the complete network but if you attack that central location you can kill off the network," he told attendees gathered at Light Reading's recent Big Telecom Event in Chicago.
The Allot executive blamed the introduction of software components for exposing networks to attack and said that infrastructure would be more "physically protected" if these technologies were not used.
Klein's comments are controversial given the growing interest in SDN and NFV technologies, which operators around the world are deploying to improve their service agility and efficiency.
Moreover, some players believe these New IP technologies will actually help them to address their security concerns.
"We see the ability for SDN to be able to interconnect the security platform with the network to improve SLAs [service level agreements]," said Joseph Dahan, the vice president of global business development at Compass Networks (formerly known as Compass-EOS), who was speaking on the same panel session as Klein at BTE. "Japan's Olympics chair says the single biggest problem is cyber attacks and the Japanese are looking at SDN to do something about it."
Japan is set to host the 2020 Olympic Games in the capital city of Tokyo and the country's telecom operators are investing heavily in next-generation technologies to support coverage of the event.
Speaking more broadly about the cyber-security issue, Dahan said that distributed denial of service (DDoS) attacks represented "the single biggest threat on the Internet right now," noting the high-profile attack on GitHub, a coding site, that took place in March this year.
Experts reckon the Chinese government may have been behind the DDoS attack on GitHub, which was hosting an activist website that is banned in China.
Similar attacks may also have led to revenue losses for companies including Sony Corp. (NYSE: SNE) and Microsoft Corp. (Nasdaq: MSFT).
In December last year, Sony's PlayStation store and Microsoft's Xbox Live network both suffered disruption because of DDoS attacks.
Even so, Dave Ostertag, the global investigation manager for US operator Verizon Communications Inc. (NYSE: VZ), thinks the industry has so far been doing a good job of countering the cyber security threat despite a surge in volumes.
"We're seeing volumes like never before," he told BTE attendees. "But while they are massive in nature they don't last long -- if there is disruption it tends to be short."
Nevertheless, Dahan insists the industry is poorly equipped to deal with an escalation in DDoS attacks. "The biggest attack we have seen was 400 Gbit/s -- that is massive and routers just cannot cope," he said. "A big problem is that enterprises are complaining about a lack of resources and being tasked to do more with less, so how do they manage?" (See BTE 2015: Spare a Thought for the Network Security Team.)
Earlier this year, software company Arbor Networks said there had recently been a return to the use of such "big volumetrics" among cyber criminals who were previously focused on much stealthier application-layer attacks. (See Anti-Spoofing Decline 'Bad News' for Security.)
According to Arbor, cyber criminals have been exploiting a widespread lack of anti-spoofing filters, which prevent attackers from faking IP addresses to carry out attacks using so called reflection/amplification techniques.
— Iain Morris, , News Editor, Light Reading