DDoS attacks will remain a serious threat for companies in 2017. The use of insufficiently secured IoT devices is a particular cause for concern, and I would like to emphasise the importance of preparation as part of a thorough strategy for DDoS defence.
2016 was a year of many alarming DDoS attacks. For the first time, attacks reached a volume of over one terabit per second. The extensive use of botnets built from IoT devices such as IP cameras is alarming. One of these attacks managed to temporarily incapacitate the DNS provider Dyn. With Dyn being the DNS provider of companies like Amazon, Spotify or Netflix, even those companies' services were unavailable: inconvenient, yes, but more importantly, problematic.
Given these facts, some conclusions are more than evident, and at NTT Security we drew exactly those conclusions for the security situation in 2017:
- Vulnerability of the Internet of Things: Expect additional weak spots in insufficiently secured IoT devices. The volume of attacks is bound to increase and result in problems in the backbones of carriers.
- Attacks off the Rack: DDoS attacks can easily be ‘ordered’ online without previous or special technical knowledge.
- Precaution: DDoS attacks can’t be fought with ad-hoc measures only. Precaution as a part of a holistic security concept is the best protection.
- DDoS Defence Strategy: Independently of any concrete attack, companies should inspect and analyse the possible impact of a DDoS attack and ensure they are equipped with sufficient resources and procedures for defence and response, either internally or by leveraging the expertise of global security experts.
- Business Impact Analysis: Conduct a business impact analysis to detect potential attack vectors and externally accessible services.
- DDoS Protection Concept: As soon as all services and their dependencies are known, a DDoS protection concept can be created. It should entail monitoring, alerting and incident response processes. The costs for the realisation of such a concept must be considered in relation to the potential costs and impact of an attack.
Let’s face reality: no company is safe from DDoS attacks, no matter how small or seemingly unimportant. Ad-hoc measures barely suffice as a defence. DDoS attacks can only be fought successfully if companies adopt a thorough and holistic security strategy. That is the starting point: common sense, but not always implemented.