- Written by Jennifer Glenn
Earlier this month, the New York Times published an article about President Obama’s proposed legislation for a “30-day shot clock” which mandates that companies must alert customers about a security breach within 30 days of discovery. The idea behind the legislation is that it is a step in the right direction to ensure customer privacy – this is a noble idea, but how much will this really help?
- Written by Arbor Networks
Three weeks later, the Christmas DDoS attacks against the popular Xbox and PlayStation gaming platforms continue to generate headlines. Over the weekend, the BBC reported:
"A UK man has been arrested as part of an investigation into denial-of-service attacks on Sony Playstation and Xbox systems over Christmas.
The 18-year-old was arrested at an address in Southport, near Liverpool.
He is accused of unauthorised access to computer material and knowingly providing false information to law enforcement agencies in the US.
The investigation was a joint operation between UK cybercrime units and the Federal Bureau of Investigation (FBI)."
Given the continued interest in this story, we decided to speak with someone on the front lines of this attack: an 11-year-old boy who got an Xbox for Christmas. Enjoy.
- Written by JP Blaho
My first car was a 1983 Mercury Lynx. It was basically a rebadged Ford Escort. Although you had to turn the AC off in order to get the car to move, it overall served me well. I did have some issues, but that is to be expected since the car was 7 years old when I first took ownership. One time I was driving home when the car started overheating. It was due to a leak in one of the rubber hoses that fed coolant to the radiator. I noticed it when steam started rising from underneath the hood (the check engine light was always on in that car so it wasn’t a key indicator for me).
I pulled the car into the nearest gas station, and found that there was no coolant left. It had all leaked out. I was about 10 miles away from home, so I waited 30 minutes, filled the coolant chamber with water, and slowly made my way home. My Dad and I replaced the hose and added the coolant. Problem solved.
I was reminded of this situation when someone recently asked me a question about Content Delivery/Distribution Networks (CDNs). Their question was, “Doesn’t a CDN protect against DDoS attacks?”
It’s a good question. A CDN, based on its design, will allow some DDoS attacks to be absorbed without blocking access to web content and applications. But there are two things to point out:
- CDNs have a unique use case: CDNs were designed to provide localized availability of web content to the end user. They were used to ensure that access to this content was fast and always available. They were not designed as a security solution, and most certainly not designed to protect against DDoS attacks, especially the Layer 7 and advanced threat attacks;
- CDNs offer no value for security: Although a CDN fortuitously can absorb volumetric attacks, it is not a security solution. It does not offer advanced protection capabilities, or provide active intelligence to define and understand the attack, let alone learn from it. A CDN does not take into consideration that the DDoS attack oftentimes is just a smokescreen for a much larger threat that could migrate its way to your network.
A content delivery/distribution network is not a solution to DDoS attacks. Nor was filling up my coolant chamber with water. Although adding water provided me the capability to get my car home safely, it was a stop-gap measure. CDNs are similar in that they can provide some protection from a DDoS attack, but that is not a defense strategy. A CDN may prevent certain types of attacks from denying access to services, but it does not protect against all DDoS attack types, nor does it prevent future attacks.
Relying on a CDN to protect you from a DDoS attack is an awfully risky defense. You should consider a multi-layered and integrated approach to DDoS protection. If not, you may find yourself stranded on the “side of the road.”
- Written by Arbor Networks
Today’s DDoS threats are both complex and highly sophisticated. They target the availability of networks, services and applications, often at the same time, through a multi-layered attack strategy. These attacks combine high-bandwidth assaults that overwhelm the capacity of enterprise data centers with low-bandwidth, hard-to-detect attacks aimed at bringing down critical applications.
This is especially concerning for providers that offer cloud services – where an attack on their infrastructure will cause a ripple effect to their own customers, not only shutting down availability of their services, but that of their customers’ services currently running in the cloud. Unfortunately, these attacks represent the most popular attack vector as their stealthy nature makes them harder to detect. By making critical applications inaccessible to those who rely on them, these attacks deliver a significant blow to business availability.
We recently hosted a Webinar where we discussed this very issue – the fact that, as more services move to the cloud, their accessibility becomes absolutely critical, making them much more attractive targets to would-be attackers. Arbor’s Rakesh Shah and Frost & Sullivan senior analyst Chris Rodriguez discussed this issue in depth, touching on the following:
- The importance of mitigating business risk in light of the increased number of attacks targeting cloud services
- The who, what, when, where and why of DDoS attacks targeting the application-layer, where many business-critical applications typically ‘live’
- An overview of popular attack tools and methods currently in heavy use by attackers
- Best-practice defenses for not only detecting these complex attacks, but mitigating them quickly before the damage is done
To view a replay of this Webinar, you can visit this link.
The slides are also available on SlideShare.