iGaming Business magazine Fraud & ID Verification Focus 2018 | Page 3
Fraud and ID Verification Focus 2018
UNDER
ATTACK
Ross Gavey argues for a holistic approach to data security in light
of igaming’s ‘most targeted’ status
Data is the lifeblood of igaming and uptime is the measure by
which we can analyse whether it is being adequately protected.
Unfortunately, the sector is a high-profile target for attacks, which
place daily.
Those companies that choose their hosting partners wisely are the
ones that will stay protected, no matter how frequent or ferocious the
level of attack.
In fact, igaming isn’t just a high-profile target for attacks; it is the
most targeted industry when it comes to distributed denial of service
(DDoS) attacks.
In the summer US cloud service Akamai published its State of the
Internet report, which confirmed that gaming continues to suffer
more than every other sector when it comes to DDoS. Sadly it is
disgruntled customers who cause the majority of disruption.
“The gaming industry has continued to be the single largest target
of DDoS attacks that Akamai defends against. The majority of these
attacks appear to stem from the people using systems affected by the
attacks. In other words, it’s mainly gamers attacking the sites out of
frustration or hoping to gain an edge on their competitors.”
Volume is down, effectiveness is up
The same report also provides evidence that after a lull, the size
of attacks is once more on the increase, with the median size of
attack in the months to April 2018 being 1287Mbps, compared to
782Mbps in the run up to January this year.
It’s important to point out that targets are rarely attacked just the
once. In fact, once subjected to a first DDoS effort, a business can
expect to be attacked a further 40 times, so there is no solace to be
found in expecting a single attack to be the full extent of the problem.
As the size of DDoS attacks goes up, readers will be pleased to know
that the number of ransomware attacks is on the decline, by almost a
third according to the McAfee Labs Threats Report in June 2018.
However, before security professionals break open the champagne,
the downside to this news is that the latest generation of ransomware
attacks are more highly targeted and effective than before.
Deployment methods are also evolving, with the group behind
GandCrab, one of the newest ransomware applications, using a
ransomware as a service partnership model, thus making attacks
more accessible to a wider range of bad actors.
Ross Gavey is head of data centre sales at
Sure International across the Channel Islands and
Isle of Man. He works closely with clients across
the gamut of Sure’s data centres and cloud
services, DDoS protection and disaster recovery.
A holistic approach
Ransomware is particularly interesting because most attacks
employ a mix of technology and social engineering. This makes it
necessary for companies to employ a holistic approach to protection,
which includes staff education as well as technologies.
As leading igaming jurisdictions, Guernsey and Jersey have the
world-class data centres needed to host real-time gaming operations,
and at Sure we’ve developed our data centre facilities to ensure they
provide the correct, ever-evolving protection for the igaming sector.
Against DDoS attacks, we’ve deployed Arbor DDoS protection.
This system secures the high bandwidth gateways at the
network’s edge and keeps malicious data far from the core and
our clients’ systems.
Above this, we’ve deployed an integrated high capacity off-net
cloud-based solution powered and managed 24/7 by Arbor. It is
capable of mitigating attacks in excess of 1Tbps. Given the current
median size of attack is 1287Mbps, this is more than capable of
thwarting the most determined of efforts.
When it comes to ransomware, our partnership with email
security specialists, Mimecast, comes into its own. Our safeguards
offer attachment sandboxing, URL protection, impersonation
protection, internal email protection and a constant programme
of education and testing to ensure staff are always on the alert for
phishing emails that could trigger a ransomware attack.
Mimecast’s cloud-based email protection service is world leading
and has found its place in the Gartner Magic Quadrant.
Sure’s unique dual-island data centre network also provides the
physical resilience that every igaming operation needs to ensure its
operations will continue unaffected, no matter how fierce an attack.
Companies continue to choose the Channel Islands and Sure
because it’s clear that we are serious about igaming, know what we’re
doing and perhaps most importantly, we’re here for the long term.
i GamingBusiness | Issue 112 | September/October 2018
119