Battling global DDoS attacks requires coordinated response

Battling global DDoS attacks requires coordinated response

Service providers that run the backbone of the internet need to have a coordinated response to deal with a global distributed denial of service attack, security experts say.

There's only so much that individual enterprises can do when attackers go after critical infrastructure, such as last month's attack on Dyn.

And it would take cooperation between a relatively small number of parties, said Oded Gonda, vice president of technology and innovation at Check Point Software Technologies, in a recent report.

"In some situations, it would take just two or three providers," he said. "In some situations, it might be 20 of them. But we are talking about a small number of entities who can work together."

Right now, that's not happening, he added.

[ ALSO ON CSO: Is critical infrastructure the next DDoS target? ]

"That is why we witnessed these kinds of global DDoS attacks," he said.

The cooperation should be on the industry level, he said.

"It would be much better if the technical parties would act together and find the most effective technical ways to do that," he said. "Regulation takes time and regulation sometimes has the chance of not solving all the problems. But if it does not come from the industry, then there is a place for governments to consider regulation."

Individual enterprises affected by a global DDoS attack can't solve the problem on their own because the traffic congestion occurs upstream.

"Individual organizations can do a lot against some types of DDoS attacks ," he said. "And there are various solutions on the market from Check Point and others, that can allow organizations to deal with that. However, if you have a global type of attack, then unfortunately these solutions will not be enough."

Gonda suggested that people aren't yet taking these kinds of attacks seriously enough.

Justin Fier, director of cyber intelligence and analysis at Darktrace

"We have to reach the conclusion that these attacks are something we don't want to live with," he said. "That this is an important enough problem that could become an even bigger problem and we need to act together."

The Dyn attack might have been the warning bell needed.

"It got our attention," said Christopher Roach, managing director and national IT practice leader at CBIZ Risk & Advisory Services.

Roach agreed that internet traffic companies need to take a stronger look at DoS attacks, including those based in Internet of Things devices.

"They need to be working to stay ahead of the attacks being developed by running their own what-if scenarios and testing their response capabilities," he said. "I don’t think they will always be able to stay ahead of the attack being conceived, but they have to try.”

The world is entering a new era of large scale-attacks, said Justin Fier, director of cyber intelligence and analysis at Darktrace.

"In the past six months alone, we’ve seen several examples of these attacks, from DNC to Yahoo to Dyn," he said. "It is more clear than ever that we are now facing a heightened cyber threat level."

Earlier this month, a DDoS attack took the entire country of Liberia off-line.

"Taking out an entire country is a significant step up from taking out merely a dozen companies," Fier said.

IDG Insider


«Dials Calendar review: iPhone app puts a unique spin on daily events


Google, LinkedIn leaders on tech's responsibility for lost jobs»
IDG Connect

IDG Connect tackles the tech stories that matter to you

Recommended for You


Latin America’s push towards digital transformation

Keri Allan looks at the latest trends and technologies


Meeting Owl brings new wisdom to conferencing

Martin Veitch's inside track on today’s tech trends


A rare glimpse inside the Chinese cybercrime underground

Phil Muncaster reports on China and beyond

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.


Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.



Should the government regulate Artificial Intelligence?