Perspectives

Building resilience

Combat denial-of-service attacks

Traditionally, organizations have relied on disaster recovery (DR) solutions to provide protection from technology disruptions, but recent incidents have highlighted how ill-equipped these methods are to support recovery from cyber incidents. While considered "front line" defenses, traditional distributed denial-of-service (DDoS) prevention solutions are incapable of mitigating large-scale attacks and can provide a false sense of security.

Denial-of-service disruptions

Recently, there has been a significant increase in DDoS incidents. These incidents are proving to be some of the largest technology disruptions in recent years, impacting network connectivity for organizations around the world. The methods used were similar to those of any other DDoS attack: the target was inundated with massive amounts of traffic to overwhelm its infrastructure, often leveraging Internet of Things (IoT) devices to carry out the attack.

The attack crippled the target's Domain Name System (DNS) services, which disrupted business and revenue streams for many companies, including large digital businesses. Traditionally, organizations have relied on DR solutions to provide protection from technology disruptions, but this event highlighted how ill-equipped these methods are to support recovery from cyber incidents.

What’s wrong with traditional network defense and recovery?

As technology continues to revolutionize business and as threats to business operations become more complex, legacy solutions are proving increasingly costly, outdated and insufficient. While considered "front line" defenses, traditional DDoS prevention solutions are incapable of mitigating large-scale attacks and can provide a false sense of security. Relying on carriers to deflect traffic blocks not only DDoS traffic but also legitimate traffic. Firewalls are typically configured to allow traffic on some of the same ports and protocols that attackers most commonly exploit. Furthermore, most firewalls sit too far downstream in the network to stop many attacks. Attackers also tend to introduce malicious traffic by spoofing the registered IP addresses of the targeted network, further limiting the effectiveness of firewalls and router-based access control lists.
