Nightmare free with application protection services

Author: Benn Alp, Solutions Architect of ANZ for F5 Networks

The digital revolution has created demand for companies to build their online business presence through a spectrum of mediums such as websites, social media and applications. In particular, on-premises, hybrid and cloud applications are increasingly being used within organisations because of their reduced costs, universal (always available) access, flexibility and up-to-date software.

Unfortunately, the public nature of these mediums makes them vulnerable and creates avenues for hackers to infiltrate. Hence, organisations need to build defences to protect their digital assets from various threats such as a Distributed Denial of Service (DDoS) attack. According to PwC’s Global State of Information Security Survey, Australia is leading the world in cyber security incidents, which increased by 109 per cent to 9,434 over the past 12 months, triple the global figure of 38.5 per cent.

Deflecting the DDoS

DDoS attacks are one of the most common and dangerous threats facing Australian organisations. They are an IT professional’s nightmare – they can knock out applications that generate and facilitate revenue, or can take down entire networks.

Organisations face many challenges when attempting to protect themselves against the sophistication of DDoS attacks. Two key traditional methods to help prevent attacks are to run data through a high-capacity server and to use scrubbing filters (the first line of defence) to prevent an inflow of fake traffic. In addition to traditional, on-premises solutions, many enterprises have adopted cloud-based DDoS protection services. The benefits of these on-demand services include increased and scalable bandwidth to protect against massive attacks, 24/7 monitoring and response from security experts, and a constantly updated knowledge base designed to protect against all attack vectors. Cloud-based DDoS protection services help keep enterprises’ websites up and running – even in the face of volumetric attacks that would otherwise flood the organisation’s network.

However, the comprehensive set of tools provided by cloud-based DDoS protection services is only effective when set up and configured correctly. One method of protecting a website from DDoS attacks is to use a technique called Domain Name System (DNS) Redirection, where web traffic is steered through a DDoS scrubbing centre by modifying the IP address for the site. This strategy often works, but recent DDoS attacks on the DNS, such as the one iiNet experienced this year, show that protection services remain vulnerable if organisations don’t correctly configure their cloud-based DDoS protection. There is also the fact that organisations’ IP addresses are not truly invisible from the prying eyes of the Internet.

Stopping the prying eyes

Using a tool called CloudPiercer, organisations can determine whether they are unwittingly exposing the hidden IP addresses of their public-facing sites.

So, if the address of a public-facing site is not as invisible as the business may need, what’s the next step?

DDoS protection customers who want to use DNS Redirection to foil potential attackers should take two steps to ensure the security of their sites. First, reach out to a security provider to help set up and configure the DNS Redirection solution to the business’ account.

The second half of the solution—and the key to protecting a site—is to ensure deployment of firewall rules to only allow traffic coming from the DDoS Protection Service. This establishes a clean path from the Internet to the cloud-based DDoS protection service through to a site. Any other attempt at accessing the site from the Internet should be blocked. To do this, configure rules on the local firewall and work with an ISP to put in place rules that will only allow web traffic from the protection service to your site.
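One way to express the allow-only-from-the-protection-service rule described above, as an added example that is not from the original article or from any vendor: the script renders an nftables ruleset for the origin's web ports and audits access-log lines for requests that reached the origin directly. The address ranges, the table name `origin_guard` and the log lines are constructed placeholders; use the ranges your provider publishes.

```python
import ipaddress

# Constructed placeholder ranges (documentation address space), NOT a real
# provider's list: substitute the scrubbing-centre ranges your provider publishes.
SCRUBBING_RANGES = ["192.0.2.0/24", "198.51.100.0/25", "2001:db8:100::/48"]
WEB_PORTS = (80, 443)

# Constructed access-log lines. The first field must be the TCP peer address,
# not a value taken from a client-supplied header such as X-Forwarded-For.
SAMPLE_LOG = [
    '192.0.2.17 - - [01/Jan/2016:10:00:00 +1100] "GET / HTTP/1.1" 200 512',
    '203.0.113.45 - - [01/Jan/2016:10:00:01 +1100] "GET /login HTTP/1.1" 200 734',
    '198.51.100.200 - - [01/Jan/2016:10:00:02 +1100] "GET / HTTP/1.1" 200 512',
    '2001:db8:100::9 - - [01/Jan/2016:10:00:03 +1100] "GET / HTTP/1.1" 200 512',
]

def build_nft_ruleset(ranges, ports=WEB_PORTS):
    """Render an nftables table: web ports accept only scrubbing-centre sources."""
    nets = [ipaddress.ip_network(r) for r in ranges]  # raises on malformed input
    ports_txt = ", ".join(str(p) for p in ports)
    lines = ["table inet origin_guard {",
             "  chain input {",
             "    type filter hook input priority 0; policy accept;"]
    for family, version in (("ip", 4), ("ip6", 6)):
        members = ", ".join(str(n) for n in nets if n.version == version)
        if members:
            lines.append(f"    {family} saddr {{ {members} }} tcp dport {{ {ports_txt} }} accept")
    # Everything else aimed at the web ports is counted and dropped.
    lines.append(f"    tcp dport {{ {ports_txt} }} counter drop")
    lines += ["  }", "}"]
    return "\n".join(lines)

def direct_hits(log_lines, ranges):
    """Return peer addresses that reached the origin without passing the service."""
    nets = [ipaddress.ip_network(r) for r in ranges]
    offenders = []
    for line in log_lines:
        if not line.strip():
            continue
        src = ipaddress.ip_address(line.split()[0])
        if not any(src.version == n.version and src in n for n in nets):
            offenders.append(str(src))
    return offenders

if __name__ == "__main__":
    print(build_nft_ruleset(SCRUBBING_RANGES))
    print("direct-to-origin sources:", direct_hits(SAMPLE_LOG, SCRUBBING_RANGES))
```

Any address returned by `direct_hits` means the origin is still reachable around the scrubbing path. The ISP-side filter the article calls for is still needed, because a host firewall cannot stop a volumetric flood from saturating the link in front of it.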

Protection is complete

As the digital revolution brings more devices online, DDoS attacks will continue to increase, as there will always be malicious – or curious – people who will use all the available tools to discover things on the Internet that organisations would prefer to keep private. Rather than trying to hide the information (a time-consuming and ultimately counter-productive task), protect the site – and the business – by making sure DDoS protection tools are set correctly to prevent unauthorised requests, and ultimately DNS hijackers, from compromising a site.
