sponsored

Security Insider Interview Series: Barrett Lyon, Vice President, Research and Development, Neustar Security Solutions

Distributed Denial of Service (DDoS) attacks are a modern reality, so if a company is not preparing for them, they had better do so soon. Barrett Lyon, Vice President, Research and Development, Neustar Security Solutions, has seen his share of DDoS attacks, and has some ideas of companies can best protect themselves.

barrettlyon
Neustar

Distributed Denial of Service (DDoS) attacks are a modern reality, so if a company is not preparing for them, they had better do so soon. Barrett Lyon, Vice President of R&D for Security Solutions, has seen his share of DDoS attacks, and has some ideas of how companies can best protect themselves.

What are some of the steps organizations should take to defend against DDoS attacks?

It depends on the level of risk they face. Some organizations might be able to get away with basic services, while others, like a bank, would need enterprise-level scrubbing services. If you’re doing business online, you will need some sort of service. You should start working on a solution, because DDoS attacks aren’t going away.

Is it more about specific technologies or following specific processes to defend against DDoS attacks?

Better monitoring and better policies can help. We’ve seen some companies separate their services, so if one part of a business gets attacked, it doesn’t take down the other parts. Some companies panic and disconnect their security solutions thinking that was causing the problem. A more effective policy is to freeze the network after an attack and make no more changes until you understand the nature of what is going on. Using a mitigation service, as opposed to hosting your own equipment, is another strategy.

Once an attack is detected and is underway, what should an organization do to mitigate the damage?

If you have effective monitoring and telemetry on your network and apps, you should know what the attack is doing and if you’re still up and functioning. You’ll also know where the impact is happening. Once you’ve figured that out, you have to mitigate. Is it something you can do with your internal teams, or will you need external service? Neustar provides volumetric DDoS scrubbing services and application layer defenses. We can detect errors in apps before they become vulnerable. If someone is attacking an app, we can defend against that.

How have DDoS attacks evolved in recent years?

They have evolved from bombarding the machine to see if it will choke to bombarding the app and causing the database to choke. Some of these new attacks are unbelievably large, and it’s difficult for just one corporation to filter themselves. Last year we saw some of the largest attacks we’ve ever seen in terms of bandwidth—the traffic was 700 GB or more. Then again, there are all kinds of little attacks that pack a punch and go right after the application, so it’s really all over the place right now.

What do DDoS attacks accomplish? What are the attackers after?

Sometimes it’s censorship, sometimes it’s punishment, sometimes it’s extortion: “Pay me now or your site is going to go down.” And sometimes it’s a smokescreen. We’ll light part of the building on fire and we’ll rob the other part while everyone is worried about the fire.  Sometimes when there’s an attack, people take their defenses down. They’re also distracted by the attack, so it is similar to a fire in the building.

What are some of the new and emerging threats?

It has taken the bad guys a while to figure out how to do more articulate styles of attacks. There are sophisticated techniques that haven’t become public. So, my guess would be we’re going to start seeing the attacks become much more sophisticated. And as attacks get more complicated, defenses get more difficult as well. You can walk up to anyone’s front door and knock on their door. On the internet, you can take a thousand people or a million computers and simulate walking up to the front door. One person can suddenly command an entire army that’s hard to stop.

Related:

Copyright © 2017 IDG Communications, Inc.