APAC CIOOutlook

Advertise

with us

  • Technologies
      • Artificial Intelligence
      • Big Data
      • Blockchain
      • Cloud
      • Digital Transformation
      • Internet of Things
      • Low Code No Code
      • MarTech
      • Mobile Application
      • Security
      • Software Testing
      • Wireless
  • Industries
      • E-Commerce
      • Education
      • Logistics
      • Retail
      • Supply Chain
      • Travel and Hospitality
  • Platforms
      • Microsoft
      • Salesforce
      • SAP
  • Solutions
      • Business Intelligence
      • Cognitive
      • Contact Center
      • CRM
      • Cyber Security
      • Data Center
      • Gamification
      • Procurement
      • Smart City
      • Workflow
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • Awards
Apac
  • Artificial Intelligence

    Big Data

    Blockchain

    Cloud

    Digital Transformation

    Internet of Things

    Low Code No Code

    MarTech

    Mobile Application

    Security

    Software Testing

    Wireless

  • E-Commerce

    Education

    Logistics

    Retail

    Supply Chain

    Travel and Hospitality

  • Microsoft

    Salesforce

    SAP

  • Business Intelligence

    Cognitive

    Contact Center

    CRM

    Cyber Security

    Data Center

    Gamification

    Procurement

    Smart City

    Workflow

Menu
    • DMS
    • Cyber Security
    • Hotel Management
    • Workflow
    • E-Commerce
    • Business Intelligence
    • MORE
    #

    Apac CIOOutlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIOOutlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    Editor's Pick (1 - 4 of 8)
    left
    Identifying the Ideal DMS

    Judi Flournoy, CIO, Kelley Drye & Warren LLP

    Transformational Change Challenging Information Technology Teams

    Dave Hudson, CIO, Veritiv Corporation

    End user adoption of Document Management

    Chris Moon, CIO, Environment Protection Authority Victoria

    Keeping Pace with Changing Technological Advancements

    Cameron Brill, CIO, St John New Zealand

    Cloud Computing for Better Document Management

    Dale Rayner, CIO, AJ Park

    DMS: Foundation for Collaboration and Efficiency

    Barbara Kunkel, CIO, Troutman Sanders

    Have No Fear, the Data Super Heroes are Here

    Matthew Johnston, Area Vice President, ASEAN & Korea, Commvault

    Moving Towards the Digital Telecommunications Revolution

    Benoit Hanssen, CTO, Wind Tre

    right

    Why DDoS Makes for Risky Business

    Sam Curry, CSO & CTO, Arbor Networks

    Tweet
    content-image

    Sam Curry, CSO & CTO, Arbor Networks

    Defending organizations’ networks against DDoS attacks has long been a daunting challenge—but now cybercriminals are making it even more so; headlines today are rife with news of another DDoS attack, data breach or other security incidents. Yet even in today’s dynamic threat landscape, many organizations still believe that the DDoS protection they adopted a few years ago still works today. In these instances, organizations are gambling with their network. It’s time to debunk some outmoded misconceptions about DDoS.

    5 Common Misconceptions about DDoS Protection

    Misconception #1: Firewalls, IPS or Content Delivery Networks Are the Answer

    The evolution of IT infrastructures and the dependency on third-party clouds have created a complex environment that no longer has a perimeter. Traditional “perimeter” security solutions such as firewalls and IDS/IPS are still vital parts of an integrated security posture. However, because these devices conduct stateful inspection of network connections, they are susceptible to some DDoS attacks, which can make matters worse.

    Many organizations also erroneously believe that Content Delivery Networks (CDN) provide a solution to stopping DDoS attacks. The truth is that a CDN merely addresses the symptoms of a DDoS attack. By absorbing these large volumes of data, a CDN actually lets all the information into and through the network— providing an “all are welcome” approach. In addition, most CDN based DDoS protection solutions only focus on absorbing HTTP/ HTTPS DDoS attacks, ignoring all others such as NTP/DNS amplification attacks, which are very common.

    Misconception #2: A Single Layer of DDoS Protection is Enough

    Because modern day DDoS attacks use a dynamic combination of volumetric, TCP state exhaustion and application-layer attack vectors, industry best practices recommend that organizations take a layered approach to protection.

    That is, the best place to stop large flooding attacks is upstream in a service provider’s cloud before they overwhelm local Internet connectivity or on-premises DDoS protection systems. And the best place to stop stealthy application-layer attacks is on the customer premises, closer to where key applications or services reside. Just as importantly, you must have an intelligent form of communication between these two layers backed by up-to-date threat intelligence to stop dynamic, multi-vector DDoS attacks.

    Unfortunately many organizations

    choose only a single layer of protection resulting in an incomplete DDoS protection solution.

    Misconception #3: The Odds are We Will Not Become a Target, So it’s Worth the Risk

    Then dramatic rise in the number of DDoS attacks is due to two main factors: Ease of launching an attack and multiple motivations behind attacks. It’s never been easier in history to launch a DDoS attack. Anyone can simply download a Do-It-Yourself DDoS attack tool for free or pay a small fee to third-party to conduct a DDoS attack as a service. And while the price for launching an attack is in the tens of dollars, the losses for organizations can be in the tens of millions. The motivations behind DDoS attacks are plenty. No longer are DDoS attacks motivated by financial gain or conducted by state sponsored organizations.

    Today, all it takes is for someone to simply disagree with your opinion, political affiliation or stance on a topic to launch a DDoS attack using the plethora of tools or services available to them. To make matters worse, if your services are housed in a shared cloud environment, you don’t even have to be the target of the DDoS attack to be impacted by the collateral damage. So you have to ask yourself, “Do I feel lucky?”

    Misconception #4: The Impact of a DDoS Attack Does Not Justify the Cost for Protection

    The impact of a DDoS attack can be immediate and severe. The fact is that many organizations do not conduct the proper risk and counter-measure analysis to help justify the purchase of a comprehensive DDoS protection solution. Sure, calculating the cost of downtime for a revenue generating service may be a no brainer; but have you considered all the other costs that are associated with a DDoS attack?

    There are many other indirect costs that are routinely overlooked such as SLA credits, legal/regulatory fees, PR costs for brand repair, and customer churn. There are even documented cases where executive or board members have been fired due to their organizations not being adequately prepared to stop DDoS attacks and other threats.

    Misconception #5: DDoS Attacks are Not Advanced Threats

    Yes, technically speaking DDoS attacks by themselves may not be advanced. However, recent research into botnets and DDoS attacks has determined that they are actually very closely related to advanced threats campaigns that use malware, and RATs.

    For example, there have been documented cases where DDoS attacks were used during:

    • The early reconnaissance stage to test an organization’s abilit to respond to certain threats.

    • The weaponization or malware delivery stage, where they were used to fill security forensic product log and data files; making the search for the planted malware much more challenging.

    • The data extraction stage where the attacks were used as a diversionary tactic.

    So this begs the question… “Was that last DDoS attack an isolated event or was it part of a more advanced threat campaign against my organization?” To hedge your bets it’s highly recommended that you use global threat intelligence to proactively “hunt” for signs of compromise or breach before they impact your organization.

    It’s Time for an Intelligent, Multi-Layered Approach to DDoS Protection

    Using traditional security solutions such as firewalls or IPS—or betting against the cybercriminals and hacktivists by doing nothing—is a huge risk. Can you afford your critical applications to be unavailable? Can you recover from the costs associated with a breach which exposes millions of customer’s confidential data? The reality is you need to protect your organization at all times by taking an integrated, multi-layered approach to DDoS defense.

    tag

    Financial

    Weekly Brief

    loading
    Top 25 Document Management Solution Providers 2017
    ON THE DECK

    DMS 2017

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Copyright © 2025 APAC CIOOutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    Home |  CXO Insights |   Whitepapers |   Subscribe |   Conferences |   Sitemaps |   About us |   Advertise with us |   Editorial Policy |   Feedback Policy |  

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://document-management-systems.apacciooutlook.com/ciospeaks/why-ddos-makes-for-risky-business-nwid-2598.html?utm_source=google&utm_campaign=apacciooutlook_topslider