    DDoS: Are You Prepared?

    Robb Reck, CISO, Ping Identity, and Sam Masiello, VP and CISO, Teletech


    Distributed Denial of Service (DDoS) attacks are at an all-time high and companies across every vertical are feeling the pain. The internet has been weaponized and is being used to disable and disrupt the services and products being delivered from it. DDoS is a parasite that is damaging the internet from the inside-out. What if the time and money that you spent on data center redundancy and your strategies for site failover were rendered ineffective because a DDoS took it all offline in a matter of moments leaving you unable to service your customers or generate revenue? 


    Not only are DDoS attacks increasing in frequency, but also in size and complexity. With many attacks leveraging vulnerabilities across multiple internet protocols, the time and effort required to identify and apply a mitigation strategy has increased dramatically. The questions then follow: How long will the attack last? Which of our impacted services are most important? How much revenue have we lost? How will our clients view the stability of our relationship as a partner? It is enough to make any leader lose sleep at night.

    Real Life Consequences - Protonmail  

    Protonmail, an encrypted email service provider, chronicled their own plight recently when their infrastructure was attacked by two separate DDoS groups. These attacks crippled their website and effectively shuttered their company for almost a week. Protonmail noted that the attack that targeted their environment “exceeded 100Gbps and attacked not only the datacenter, but also routers in Zurich, Frankfurt, and other locations where our ISP has nodes.” It impacted not only Protonmail’s ability to deliver their service, but also dozens of other companies that were hit as collateral damage.

    Motivation behind DDoS 

    The motivation behind a DDoS attack falls into one of three categories: financial gain, political agenda, or mischief.

    The use of cyber-attacks for financial gain should not surprise anyone, as this has been the primary intent of malicious cyber activity for over a decade. Where DDoS lends an interesting twist is that the value to the cybercriminal is not in dropping malware, phishing, and stealing credentials or data. It comes in the form of extortion and corporate espionage. During or even before an attack, it is not uncommon for the person or people behind it to request a ransom payment to either prevent the attack from occurring or to stop it once it has started. Paying the ransom is a dual-edged sword, however, because you are effectively negotiating with criminals at that point, which means that they may stop the attack when payment is received or an initial small bounty. Competitors may also use DDoS as a means to promote a negative image of your brand in an effort to build distrust in your ability to deliver service and drive business away. It is widely accepted that this is common practice in some highly competitive markets, such as online gambling.

    With the rise of (loosely) organized DDoS groups like Anonymous, Lizard Squad, and DD4BC, along with the availability of free and low-cost DDoS-as-a-service tools, the barrier to entry for someone who wishes to engage in this type of activity is quite low. This has made DDoS the weapon of choice for many who wish to launch such an attack for fun, to wreak havoc, or to squelch a vocal online minority. An example occurred in June of this year when many Canadian government websites and systems were taken offline due to DDoS in response to bill C-51, which aimed to enact a number of measures aimed at banning promotion of terrorism and expanding the power of the Canadian Security Intelligence Service (CSIS).

    What you should do about it 

    It is essential that IT leaders prepare their organizations for this threat. The goal for any organization should be to invest the right amount of time and money into protections to manage risk appropriately. Too little investment and we leave ourselves vulnerable to unacceptable loss due to attack, but too much investment means that we’re stealing the resources from other critical risks. These four steps provide a framework for protecting your organization. 

    Business impact analysis (BIA). The goal of BIA is to survey the corporate resources that could be attacked from outside and determine what the impact to your company would be if they were taken off-line. At the very least, come up with a relative impact rating to help you determine which resources are most critical to your organization.

    Be careful not to overlook supportive systems. Your customer-facing website may be the highest profile resource, but there are likely other resources required to maintain that website. VPN concentrators, DNS servers, and load balancers are just some of the infrastructure components that may be essential for the customer-facing site to function, and could be targeted by attackers.  

    Assign recovery time objectives (RTO). RTO quantifies how long your business is willing to go without this resource. It gives you success criteria by which to evaluate your DDoS protection controls. The lower the RTO, the more controls you will need to put in place to protect the resources, so making the decision to give everything an RTO of 0 is not only extremely expensive, it’s also impractical. The assignment of RTOs should be performed in coordination with the company’s executive team. This will ensure the RTOs align with the senior leadership’s desires and may make it easier when you request budget for DDoS controls.

    Implement solutions. Next you should design and implement solutions which facilitate achieving those RTOs. Effective DDoS mitigation solutions require people, process and technology wrapped together. Purely technical solutions are unlikely to be sufficient. Some DDoS mitigation technologies impact the performance or usability of the services they are protecting, so they should not be enabled at all times. Many third party scrubbing solutions charge based on the volume of data sent through their environment, so an always-on approach gets expensive very quickly.

    Consider a tiered approach to DDoS mitigation. 

    1. On the simplest end, look at DDoS protection options built into your firewall, web application firewall or other networking equipment. These can help with some of the simplest attacks. 

    2. Generally appliances are much more effective than the defenses built into your existing network gear. While on-network protections are essential for continuous protection, they can only do so much. A large scale DDoS can easily overwhelm your internet pipe and make your resources unavailable.

    3. For the largest attacks it makes sense to partner with a third party scrubbing company. In the event of a volumetric attack you can swing your traffic to the third party. These companies have huge internet connections that can take the attack traffic, filter out the bad, and send the clean data to you. 

    Whichever technical solutions you choose, be sure to wrap the appropriate personnel and processes around them. Employees need to know how to recognize an attack, how to enable any protections that aren’t always on, and how to restore the environment to normal operations. 

    Test your solutions. Optimally, try to perform a series of tests, starting with small discrete tests that focus on validating specific parts of your tiered approach. Discrete tests could include: 

    • Do your firewall’s controls successfully prevent SYN flood attacks? 

    • Does your on-site DDoS appliance successfully prevent low volume attacks? 

    • Can you determine whether resource performance issues are benign anomalous behavior or indicate an ongoing attack?

    • Is your staff able to respond to attacks and route traffic to your third party scrubbing service quickly enough to support your RTO? 

    • Is your scrubbing vendor able to mitigate high volume attacks and provide a clean stream of data to your infrastructure? 

    After validating the individual components of the program, the next step is a comprehensive testing strategy. In this step you will need more experienced testers, and will probably want to engage an experienced external firm. A qualified third party can help evaluate all the ploys an attacker may launch, providing your organization with another set of eyes. 

    The results of the testing can fit directly into your continuous improvement process, allowing you to tweak and improve your DDoS controls over time, better mitigating the risks to your organization. 
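
    The BIA, RTO and testing steps above can be tied together in a short script. This is an added example, not part of the original article: the asset names, impact ratings, RTOs and drill timings are constructed, and the rule that a supporting system inherits the strictest requirement of anything depending on it is an assumption made for illustration.

```python
# Added example: every asset name, rating and timing here is constructed.
from dataclasses import dataclass, field

@dataclass
class Asset:
    name: str
    impact: int        # relative BIA impact rating, 1 (low) to 5 (critical)
    rto_minutes: int   # RTO agreed with the executive team
    depends_on: list = field(default_factory=list)

def effective_requirements(assets):
    """Give each supporting system the highest impact and shortest RTO of
    any resource that depends on it, directly or transitively."""
    by_name = {a.name: a for a in assets}
    eff = {a.name: [a.impact, a.rto_minutes] for a in assets}

    def push(name, impact, rto, seen):
        for dep in by_name[name].depends_on:
            if dep in seen:            # guard against dependency cycles
                continue
            e = eff[dep]
            e[0], e[1] = max(e[0], impact), min(e[1], rto)
            push(dep, e[0], e[1], seen | {dep})

    for a in assets:
        push(a.name, a.impact, a.rto_minutes, {a.name})
    return {n: tuple(v) for n, v in eff.items()}

def rto_gaps(assets, drill_minutes):
    """Assets whose measured time-to-mitigate exceeds the effective RTO,
    or that were never tested (measured is None), most critical first."""
    gaps = []
    for name, (impact, rto) in effective_requirements(assets).items():
        measured = drill_minutes.get(name)
        if measured is None or measured > rto:
            gaps.append((impact, name, rto, measured))
    return sorted(gaps, key=lambda g: (-g[0], g[2], g[1]))

INVENTORY = [  # constructed inventory
    Asset("customer-website", 5, 30, ["load-balancer", "dns"]),
    Asset("load-balancer", 2, 240, ["dns"]),
    Asset("dns", 2, 480),
    Asset("vpn-concentrator", 3, 120, ["dns"]),
    Asset("marketing-blog", 1, 1440, ["dns"]),
]
# Constructed drill results: minutes from detection to clean traffic.
DRILL = {"customer-website": 25, "load-balancer": 45, "vpn-concentrator": 90}

if __name__ == "__main__":
    for impact, name, rto, measured in rto_gaps(INVENTORY, DRILL):
        print(f"impact={impact} {name}: RTO {rto} min, measured {measured}")
```

    In this constructed data the DNS servers and load balancer were rated low on their own, but they inherit the website's 30-minute RTO and surface as the top gaps: one was never tested and the other took 45 minutes to mitigate.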

     Conclusion 

    The trend is clear: DDoS attacks have become a favorite implement in the hackers’ toolbox. The best time to create your DDoS mitigation plan is now, before attackers have knocked your systems off-line. While you cannot eliminate this risk entirely, you can give yourself a fighting chance by: 

    1. Understanding the changing landscape, 
    2. Inventorying your own company’s internet accessible resources,  
    3. Implementing solutions to appropriately protect them, and  
    4. Testing your people, processes and technologies. 

     
