Denial-of-Service Attacks Meet the Cloud: 4 Lessons

By Robert Lemos, CIO |  Security

"People don't understand how easy it is for attackers to ramp up the bandwidth to knock you out," says Sop.

In 2005, the traffic seen by victims during an attack peaked at 3.5 Gbps. In 2006, that jumped to more than 10 Gbps, limited in many cases by the capabilities of Internet backbone links. In 2009, Arbor Networks detected more than 2,700 attacks in excess of 10 Gbps.

2. Specific apps targeted

Today, however, the danger is increasingly from denial-of-service attacks that focus on resource-intensive parts of a company's infrastructure to overwhelm key servers and services. Attackers are using low-bandwidth attacks on specific applications to take down a victim's online services.

For example, abusing secure HTTP requests can overwhelm a company's servers and routers, or an attack that opens a multitude of account-creation requests can hang many applications, says Prolexic's Sop.

"These guys in the past have learned how to knock (victims) out with a Mike Tyson punch, but over the last three years, we have seen others who just blow on the right part of a site and knock it over," he says. "Real attackers attack the application itself."

3. Understand co-location realities

In the cloud, companies have to worry not just about attacks on their resources, but also about attacks on co-located tenants. Companies that use a co-location service must make sure the facility has adequate protection, of course. Physical servers may hold multiple customers' virtual machines, and providers take different approaches to ensuring safe space between VMs and handling related compliance issues for customers in regulated industries.

"Those providers have a lot of customers hosted on a shared platform," Sop says.

While it's unlikely that companies will be able to know their neighbors, vetting their data center landlord's defenses should be a first step. It's also critical to understand what aspects of security remain your responsibility, not the co-location provider's.

4. Look to the cloud to help the cloud

While the movement to cloud computing has created weaknesses in business infrastructure, increasing the criticality of corporate connections to the Internet, cloud computing's ability to quickly provision resources and collect expertise in key areas also helps mitigate the threat, says Silva.

"You can have the best data center in the world, but you can put in only so much bandwidth on a per-data-center basis," he says.

Instead, companies should contract with a bandwidth-as-a-service provider, whether it's a content distribution network such as Akamai or a purer infrastructure play such as VeriSign's offering, he says.
