DDoS Attacks Coming to the Cloud

Security | Blog Post | Mike Vizard, Thursday, October 21, 2010
cloud computing, network security, Security Breaches, Vulnerabilities and Patches

There’s an old saying that roughly goes: With small children come small problems. Big children, on the other hand, come with big problems.

So too it is with data centers. When IT organizations managed a lot of data centers, the scope of the issues to be addressed reflected the size of the data center. Now as IT organizations consolidate data centers, the problems to be addressed are getting bigger as well.

One of the first things that many IT organizations will discover is that once you consolidate data centers and start building out a private cloud, your data centers become bigger security targets. After all, there’s a lot more activity in these data centers, and all that activity gets on the radar screens of the bad guys pretty quickly.

In fact, anybody who has worked for an Internet service provider can tell you how aggressive and persistent those bad guys can be. And their favorite form of attack is the distributed denial of service DDoS).

The motivation for these attacks used to be pretty rudimentary; they usually involved some form of extortion where the attacker asks for money to make the attacks disappear or some activist group simply wanted to make a political statement. But now these attacks are part of state-sponsored cyber wars that don’t discriminate between governments and business.

The issue that many traditional IT organizations are likely to face now that they are running bigger, albeit fewer, data centers is that these DDoS attacks are increasingly going to be aimed at them. According to Rakesh Shaw, director of product marketing for Arbor Networks, DDoS attacks are not only increasing in volume, they are also being aimed at specific types of applications and services, usually involving transactions. Driving this increased volume of attacks is a legion of botnets specifically built to automate the attack process. So the day when these types of attacks are aimed at more traditional IT organizations is now at hand.

Shah says you no longer need to have a big Web presence or be an ISP to be subject to a DDoS attack. You just need to have something of value. Unfortunately, many traditional IT organizations don't have a lot of direct experience with DDoS attacks, said Shah

Arbor Networks is trying to make it easier for IT organizations to deal with these attacks with the release of a stand-alone appliance that runs its Threat Mitigation System (TMS) software that was originally developed for ISPs trying to fend off thousands of attacks. Now as more traditional enterprise organizations move into cloud computing, they can add TMS to their existing portfolio of security products or they can opt to deploy a full Arbor PeakFlow SP system, said Shah.

There are, of course, multiple ways to defend against these types DDoS attacks. And while you may never know when and where they will hit, more DDoS attacks are on their way to an enterprise near you in the not too distant future.

Comments (3) Bookmark and Share

Comments

Cloud DDoS Providers
Thu, 2011-04-07 14:12 — Anonymous (not verified)
For SMBs the only viable solution is Cloud based DDoS providers who have substantial bandwidth, equipment & expertise. The reality is if the attacker can overload your connection to the outside world, how valuable is a piece of hardware that sits on your premise. SMBs should look at Verisign, Neustar & others who have expertise and size to deal with large attacks.
I'm a bit unsure what you
Mon, 2010-10-25 11:17 — Anonymous (not verified)
I'm a bit unsure what you mean - while we're always working to improve our functionality and welcome constructive feedback on how to add even more value to our comprehensive network visibility & control solutions, Arbor's pretty generally recognized as state-of-the-art and the industry standard when it comes to dealing with sophisticated, multi-vector DDoS attacks, including site-/service-/application-specific layer-7 attacks. If you've specific feedback on how our industry-leading detection/classification/traceback/mitigation systems can be extended even further in terms of availability preservation capabilities, we'd love to hear your specific, detailed recommendations. As to your comment regarding CAPEX investment in Arbor solutions, we've found that our solutions offer value which is easily tabulated in terms of ROI and perceivable, tangible operational security (opsec) benefits which positively affect the bottom lines of our customers. Our goal is to offer the most advanced availability protection mechanisms available to a wide variety of organizations, and we believe that our ability to scale from 1.5gb/sec up to 50 terabits/sec (tb/sec) of intelligent DDoS mitigation capacity in a single installation is unmatched in the industry. At any rate, we appreciate you taking the time to comment, and look forward to any specific recommendations you may wish to share. Thanks much!
DDoS in the cloud
Fri, 2010-10-22 09:49 — Anonymous (not verified)
In our experience Arbor's technology is still too expensive and lacks the features and functionality of todays leading DDoS solutions. The game has moved on, Arbor needs to catch up.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <b> <i>

More information about formatting options