INTELLIGENT SOFTWARE BUSINESS
T
he epic distributed denial-of-
service (DDoS) attack went after
Dyn, a company that controls
much of the Internet’s domain name
system infrastructure, bringing down sites
including Twitter, The Guardian, Netflix,
Reddit, CNN and many others. The original
Mirai botnet, an Internet of Things (IoT)
botnet consisting of about half a million
DVRs, surveillance cameras and other
embedded devices, is still actively being
used, but its new evolutions are already
being leveraged by threat actors in the wild.
This is just the latest of high-profile DDoS
attacks, which include attacks on the BBC
and cybersecurity website Krebs on Security.
And DDoS attacks are not going away.
This year marks 21 years of high-profile
DDoS attacks targeting the availability of
Internet service provider networks. During
the past two decades, DDoS attacks have
grown in size, frequency and complexity.
DDoS is a very different game than it was
only a few years ago and it is now being
broadly adapted as an attack technique by
threat actors who are available for hire for
as little as $5 an hour. This, coupled with
businesses’ increasing reliance on Internet
connectivity for either revenue or access to
cloud-based data or applications, means
DDoS protection is becoming front of mind
for companies worldwide and across every
industry sector.
Despite 20 years of headlines, many
businesses today are underinvested and
ill-prepared to handle modern DDoS
attacks. Many wrongly believe they are
not being targeted by DDoS attacks and
are, in fact, experiencing outages due to
DDoS attacks that are falsely attributed
to equipment failures or operational error
because the companies lack DDoS visibility
and defence.
One recent trend is exploitation of IoT
devices as bots for DDoS attacks. While
this approach has received much recent
notoriety, IoT botnets are not new. As far
back as July 2014, LizardStresser, a botnet
that is geared toward infecting IoT devices,
was used to carry out attacks during the
FIFA World Cup. IoT endpoint protection
is one of the biggest challenges we’ll need
to deal with in the coming years.
With DDoS attacks becoming regular
front-page news, many enterprises are
considering their protection options. For
the channel, however, tackling what has
become a crowded space with endless new
entrants – in terms of solution providers
and vendors – is proving a challenge.
Enterprises are confused by all the
options available to them, while also often
wondering how their WAF or firewall
vendor suddenly has new DDoS protection
capabilities. Meanwhile, selling security
remains a complicated business with
myriad factors at play.
On the plus side, strategic channel
partners can take a leadership role for the
end customer, helping them understand
the competitive landscape, for which
vendors have check-the-box type solutions
that are more about taking advantage of a
hot topic than managing customer issues,
and which vendors have DDoS protection
solutions that can stand up and reliably
protect the enterprise in the face of today’s
attacks. The explosive growth in the DDoS
market means that the need for the ‘trusted
adviser’ to separate hype from facts
becomes more important than ever.
DDoS is a very
different game
than it was only
a few years ago
and it is now
being broadly
adapted as an
attack technique
by threat
actors who are
available for hire
for as little as $5
an hour.
47