Grant Asplund is a proven multi-channel senior sales and marketing executive with a history of exemplary achievement introducing/launching new products and establishing large, long-lasting pipelines and revenue growth within leading technology companies and start-ups.
Cloud computing has emerged as both a solution and a challenge. DDoS (Distributed Denial of Service) attacks have found fertile ground in the cloud environment, posing significant threats to organizations. In this interview with Growth Technologies Expert Grant Asplund, we explore current trends and effective strategies to prevent DDoS threats in the cloud.
In regards to DDoS attacks in the cloud, what trends are you seeing?
Well, overall the cloud is certainly making it easier to launch DDoS attacks…as I’ve said many times, the bad guys utilize innovation just as well or better than the good guys! Current trends include reflection and amplification attacks based on TCP, hyper volume attacks driven by powerful bots and activity driven by hacktivist campaigns.
What are the most common types of DDoS attacks that target cloud services?
In general, there are three types of cloud-based DDoS attacks: volumetric, protocol and app layer. What’s important to understand is that they each have their own characteristics and require different means of mitigation.
How can cloud providers help mitigate DDoS attacks and what responsibilities do customers need to address independently?
Many experienced MSPs have advanced DDoS filtering and defenses in place. Additionally, cloud providers are constantly adding and improving their DDoS detection and mitigation capabilities. Obviously, this is a key criterion you should evaluate and compare when selecting your cloud provider(s).
Customers need to understand if they are under a DDoS attack. Customers need to be able to deploy mitigations during an attack. Customers need to be constantly monitoring their systems during an attack and should add granular configurations to prevent attacks. Custom policies based on Geo, URI, IP headers, and source and destination IP will also help. Of course, they also need to have a comprehensive response and disaster recovery plan. And, it’s recommended organizations practice the plan too!
What proactive measures can organizations take to prevent DDoS attacks from impacting their cloud infrastructure and applications?
There are several things organizations can do to prevent DDoS attacks. What might be the most important is understanding your normal network traffic patterns to accurately determine if you are under attack. Of course, making your network as resilient as possible through redundancy is critical. Having plenty of bandwidth always is a plus. And the importance of good cyber hygiene can’t be overstated. Patch, patch, patch. Have a solid cyber-education and training program for employees. Threat intelligence is also critical to detect traffic anomalies. Use CAPTCHA…there are more bots than ever and there are only going to be more in the future (and they’ll be more powerful too).
What considerations should organizations keep in mind when deciding between various DDoS mitigation solutions?
A sound DDoS mitigation solution must provide scalability in order to absorb large volumes of traffic and adapt as the traffic patterns change. A solution with a global view and footprint is key. It seems obvious, but a sound cyber security foundation is critical. All DDoS specific mitigations are built ‘on top’ of this foundation. Granular filtering and routing using firewalls and WAFs is essential.
Is there anything else that you would like to share with the cybertalk.org audience?
In today’s 24x7x365 hyper-connected world, where our dependencies and utilization of digital technologies have reached unprecedented levels, and continue to increase, organizations will be best served by finding and aligning with a security partner. Unless your primary business is cyber security or you have unlimited budget, get an expert cyber security partner.