Connecting to LinkedIn...

W1siziisijiwmtuvmdqvmtuvmdgvntqvmzgvnzi1l01ptlrbu0hfqkxpr19vtljftkrfukvex0lnqudfx3jlc2l6zwrfyw5kx3jlbmrlcmvklmpwzyjdlfsiccisinrodw1iiiwimtkymhgxmjuwiyjdxq

Blog

Secondhand DDoS: Why hosting providers need to take action

3/10/2014 by

W1siziisijiwmtqvmtavmjgvmtuvmtavndgvnzuzl2zpbguixsxbinailcj0ahvtyiisijywmhg0mdbcdtawm2uixv0

Unfortunately, the sheer size and scale of hosting or datacenter operator network infrastructures and their massive customer base presents an incredibly attractive attack surface due to the multiple entry points and significant aggregate bandwidth that acts as a conduit for a damaging and disruptive DDoS attack. As enterprises increasingly rely on hosted critical infrastructure or services, they are placing themselves at even greater risk from these devastating cyber threats – even as an indirect target.

What is secondhand DDoS?

The multi-tenant nature of cloud-based data centres and shared, hosted environments can be less than forgiving for unsuspecting tenants. A DDoS attack, volumetric in nature against one tenant, can lead to disastrous repercussions for others; a domino effect of latency issues, service degradation and potentially damaging and long lasting service outages.

The excessive amount of malicious traffic bombarding a single tenant during a volumetric DDoS attack can have adverse effects on other tenants as well as the overall data centre or hosting providers operation. In fact, it is becoming more common that attacks on a single tenant or service can completely choke up the shared infrastructure and bandwidth resources, resulting in the entire data centre can be taken offline or severely slowed – AKA, secondhand DDoS.

Black-holing or black-hole routing is a common, crude defense against DDoS attacks, which is intended to mitigate secondhand DDoS. With this approach, the cloud or hosting provider blocks all packets destined for a domain by advertising a null route for the IP address (es) under attack. There are a number of problems with utilising this approach for defending against DDoS attacks: Most notably is the situation where multiple tenants share a public IP address range.

In this case, all customers associated with the address range under attack will lose all service, regardless of whether they were a specific target of the attack. In effect, the data centre or hosting operator has finished the attacker’s job by completely DoS’ing their own customers. Furthermore, injection of null-routes is a manual process, which requires human analysts, workflow processes and approvals; increasing the time to respond to the attack, leaving all tenants of the shared environment suffering the consequences for extended periods of time, potentially hours.

The growing dependence on the Internet makes the impact of successful DDoS attacks-financial and otherwise-increasingly painful for service providers, enterprises, and government agencies. And newer, more powerful DDoS tools promise to unleash even more destructive attacks in the months and years to come.

This article has been extracted from http://www.information-age.com/, please click on this link to read this article in full http://www.information-age.com/technology/security/123458517/secondhand-ddos-why-hosting-providers-need-take-action

Montash is a multi-award winning, global technology recruitment firm. Specialising in permanent and contract positions across mid-senior appointments which cover a wide range of industry sectors and IT functions, including:

ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.

With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid-management in permanent and contract roles.

comments powered by Disqus

Social Stream

Latest News

W1siziisijiwmtcvmdivmtuvmtyvntivmjuvnzkwl2n5ymvyigf0dgfja3muanbnil0swyjwiiwidgh1bwiilcizodb4mtawiyjdxq

UK threatened by serious cyber attacks every ...

2017-02-15 16:00:00 +0000

The security of the UK has been threatened by 188 serious cyber attacks in the last three months, a government security chief has said. National Cyber Security Centre (NCSC) Chief Executive Ciaran Martin told The Sunday Times that national security was put at risk by many of these attacks. Martin was speaking ahead of the official opening of the NCSC, which has been set up to protect critical services in the UK from such attacks and improve underlying i...

W1siziisijiwmtcvmdivmdgvmtavmzcvmzkvnjkyl0n5ymvyifnly3vyaxr5lmpwzyjdlfsiccisinrodw1iiiwimzgwedewmcmixv0

British cyber security workforce rises 163%

2017-02-08 10:00:00 +0000

Data from the UK has shown that the cyber security workforce has grown considerably over the past five years. According to a new report from cyber skills promotion network Tech Partnership, there are now 58,000 more workers in this industry – a rise of 163 per cent. It shows the growing importance of these professionals, with firms across a vast range of industries turning to cyber security specialists to safeguard their data. To collate the report, the...