Connect with us

Hi, what are you looking for?

OPINIONS

OPINION | Combating DDoS Attacks in Phl: It’s more than just a Defense Mechanism

The crackdown against DDoS (Distributed Denial of Service) attacks is like an arms race for enterprises. They are constantly outnumbered by enemies on all fronts on a battlefield with only a sword and shield in hand – while their opponents are armed with projectile machine guns – making the enterprises’ odds of winning this battle slim to none.

Security is a trickier challenge. Worried that packets will be intercepted? That’s relatively easy: Use encryption, such as SSL. This leaves it to the programmers to acquire and maintain the digital certificates. IMAGE FROM PIXABAY.COM

By Robin Schmitt
General Manager, APAC, Neustar

The crackdown against DDoS (Distributed Denial of Service) attacks is like an arms race for enterprises. They are constantly outnumbered by enemies on all fronts on a battlefield with only a sword and shield in hand – while their opponents are armed with projectile machine guns – making the enterprises’ odds of winning this battle slim to none.

IMAGE FROM PIXABAY.COM

Within the past few years alone, the Philippines has become a prime target for DDoS attacks. 2016 saw 68 government websites – including the Department of National Defense – fall victim to DDoS offenses. In 2017, the National Union of Journalists of the Philippines was also a target for DDoS perpetrators – shutting down the website and rendering the journalists defenseless. It has become clear that while the benefits of digitized processes are tremendous, it also opens up avenues for cyberattacks against us.

Consequently, it comes as no surprise that IDC predicted that by 2018, cybersecurity will remain high up on the agendas of business leaders, receiving 30 percent of fixed capital spend among the top 1,000 Philippines-based companies. Neustar’s research further validates this – the security solutions provider found that 90 percent of organizations were hit by breaches that stemmed from DDoS offensives.

IoT as a DDoS attack tool

Advertisement. Scroll to continue reading.

The emergence of cloud computing and IoT (Internet of Things) devices has streamlined the infrastructure of today’s connected world. However, they have also become a tempting target for DDoS attacks – more than 78 percent of enterprises experienced attacks while their IoT devices were in operation.

Frost and Sullivan predicted that IoT spend in the Philippines is estimated to surge from US$55.1 million from 2014 to US$766.8 million by 2020. As the adoption of IoT technologies progresses from a stage of nascence to an enterprise driver, organizations are left with their hands full in attempts to secure the enterprise value chain.  Once attackers get hold of vulnerable IoT devices and exploit the security deficiency, it becomes nearly impossible to prevent infection without issuing a security update or recalling the affected devices. With 89 percent of organizations suffering a breach, including data theft, dangerous ransomware, and network compromise with DDoS attacks, the dream of a connected world might be a disaster in the waiting.

Last year was inevitably a watershed moment in IoT security; headlined in the form of IoT botnet Reaper or IoT Troop causing massive destruction at one go – amassing more than 20,000 devices and affecting 2 million hosts that have been identified as potential botnet nodes.

What’s more dangerous is that some of these attacks were used as smokescreens to disarm an organization’s cybersecurity shield while simultaneously causing a temporary relaxation of networking defenses to alleviate the effects of the DDoS. Neustar found that more than half (51 percent) of Asia Pacific organizations reported falling prey to viruses stemming from DDoS attacks. As IoT adoption increases, the number of IoT-driven botnets is only set to escalate, presenting attackers with more opportunities to elude detection.

Better Detection = Greater Protection

Advertisement. Scroll to continue reading.

As attacks scale in complexity, the average organization needs at least a couple of hours to definitively detect a DDoS attack and another few hours (if you are lucky) to react and resolve the issues.

To put this into context, it’s estimated that financial services sector in Asia Pacific could be staring at revenue losses upwards of US$15.2m when six hours are taken to respond to a DDoS attack.  You can probably imagine the amount of financial impact to the victims during the earlier attacks on the three stock brokerage firms and a bank in July 2017.

This threat represents a new reality where the strikes have morphed beyond standard and commonplace into dangerous and continuous. The financial risks alone can exceed far beyond a quarter of a billion dollars and drives home the point that speed in detection and response is an ally to risk mitigation practices.

Neustar found the top three organizational motivations behind DDoS defense investments, namely: preserving customer confidence, prevention of associated attacks including ransomware and proactively strengthening existing protection. It should come as no surprise that those who seek to harm companies use DDoS as a weapon.

There is however, a silver lining. Businesses are acknowledging this threat by deploying Web Application Firewalls (WAF) that filter, analyze and isolate HTTP traffic stemming from web application security flaws. In fact, 53 percent of respondents have added WAF to their combat arsenals against DDoS – tripling in numbers since March 2017.

Advertisement. Scroll to continue reading.

The future ahead will offer opportunities for bad actors to devise craftier ways to launch far more dangerous DDoS attacks capable of distracting IT teams and stymieing forensics. Understanding the right combination of defenses is crucial and this can be achieved by working with security consultants to develop strategies and law enforcement bodies to provide maximum protection for stakeholders, only then will we be able to remain ahead of the curve on the battlefield and defeat the attackers.

Robin Schmitt leads Neustar’s Australian operations, with a focus on driving growth within the Asia-Pacific region. Neustar is a provider of real-time cloud-based information and analysis to the Internet, telecom, financial, media & advertising and retail industries. Schmitt joined the Neustar team in August 2015 and prior to this he served as Chief Operating Officer at Bombora Technologies for five years, before it was acquired by Neustar.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

In rigorous evaluations conducted by prestigious cybersecurity testing organizations, Kaspersky Plus (starting in Q4 2024, Kaspersky Premium), Kaspersky Endpoint Security for Business (KESB), and...

HEADLINES

"Given the Philippines' high exposure to cyber threats, it's important for both individuals and businesses to stay vigilant," said Adrian Hia, Managing Director for...

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

To stay ahead of these challenges, organizations need to invest in AI-driven defenses, transition to quantum-safe encryption, and adopt a Zero Trust approach to...

HEADLINES

There was a 121% Year-on-Year (YoY) increase in identity fraud in 2024 across the region, with significant surges recorded in Singapore (207%), Thailand (206%)...

White Papers

The survey found that CXO’s feel less prepared than their global peers. Less than half or 48% in APAC said they felt completely prepared...

HEADLINES

On average, a single organization in the Philippines experiences 4,003 attacks per week, significantly higher than the APAC average of 2,870 attacks per week.

Advertisement