Fighting the Growing Threat of DDoS Attacks Down Under

Rob Malkin, Managing Director, ANZ at F5 Networks

Australia is going digital with a vengeance. According to IDC, as the country embraces the National Innovation and Science Agenda, 70% of Australian SMBs are already digitally transforming their operations.

However, while greater technological capacity fuels business innovation, that capacity must be secured in the network. Failure to do so is already costly: cybercrime costs Australia upwards of a billion dollars every year.

Threats vary in form and severity, from primitive worms to complex ransomware programs, but DDoS attacks have become the main concern for enterprises today. They are growing in strength and complexity – and only seem to be evolving faster to scale the walls of enterprise cybersecurity.

More Dangerous Than Ever

While DDoS attacks have been common since the late 2000s, the scale of attacks has increased significantly in the past few years. Organisations now find it difficult to combat new protocol exploits and amplification attacks without the support of a cloud-based DDoS scrubbing service. In 2013, it was reported that Spamhaus services were brought down as a result of a 300 Gbps attack, while in 2014, an attack peaking at 400 Gbps was recorded. However, the world’s largest DDoS attack in history was recorded in 2015, with a peak of 500 Gbps.

With cheaper bandwidth costs, it has become more affordable to launch attacks at scale. Terabyte-sized attacks are just on the horizon. Modern denial-of-service attacks not only interrupt or bring down services, but also distract security operations teams with a mix of threats that have varying effects on the infrastructure. Such attacks are increasing in frequency, volume and sophistication.

Attackers combine volumetric, partial-saturation, authentication-based and application-level attacks until they find the weakest link in the chain of command. These threats, which are becoming more difficult to defend against, are often a precursor to advanced persistent threats (APT).

How quickly an organisation can discover and stop these threats is key to ensuring service continuity. Also, the pervasiveness of volumetric DDoS, along with the potential increase in bots, requires a hybrid DDoS strategy that combines on-premise WAF with cloud-based scrubbing services.

Stopping a DDoS Attack

When a company's on-premise WAF detects that it is under DDoS attack, the company switches incoming traffic to a cloud-based DDoS scrubbing service, which detects and scrubs the attack traffic. Once traffic is scrubbed clean, it may be rerouted to the company. During the attack, the firm continues to operate as normal. The scrubbing service effectively mitigates DDoS attacks that aim to bring down services, while enabling the company to continue to operate.

Businesses must protect their infrastructure from large-scale and incessant attacks, yet not compromise on performance. The ideal security posture is to have comprehensive protection. Granular DDoS rules and policies coupled with contextual knowledge of identity and user access to applications and data will enable companies to secure their networks. This is enabled by the automatic collection and analysis of data across deployment environments — data that includes SSL inspection, behavioural analytics, bandwidth usage, health monitoring and other statistics.

This ensures that attacks over protocols such as HTTP/S, SMTP, FTP, DNS and SIP can be detected sooner, and mitigation activated swiftly and accurately via hardware, upstream or across cloud-based services. Services may immediately transition back to full functionality once attack traffic has subsided to manageable levels.
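The divert-and-return decision described above can be sketched as a small controller with separate thresholds for switching to scrubbing and for switching back. This is an added example, not F5 code: the class, thresholds and sample rates are constructed assumptions, and the actual traffic-switching mechanism is left outside it.

```python
from dataclasses import dataclass

ON_PREM = "on-prem"            # traffic handled by the on-premise WAF
SCRUBBING = "cloud-scrubbing"  # traffic diverted to the scrubbing service

@dataclass
class DiversionController:
    """Hypothetical controller; all parameters are assumptions for illustration."""
    divert_gbps: float    # sustained inbound rate that triggers diversion
    restore_gbps: float   # rate treated as "manageable" for switching back
    divert_after: int     # consecutive high samples required before diverting
    restore_after: int    # consecutive low samples required before returning
    path: str = ON_PREM
    streak: int = 0

    def observe(self, inbound_gbps: float) -> str:
        """Feed one pre-scrubbing inbound rate sample; return the active path."""
        if self.path == ON_PREM:
            # Count only consecutive samples above the divert threshold, so a
            # single spike does not trigger a switch.
            self.streak = self.streak + 1 if inbound_gbps >= self.divert_gbps else 0
            if self.streak >= self.divert_after:
                self.path, self.streak = SCRUBBING, 0
        else:
            # The lower restore threshold (hysteresis) stops the path flapping
            # while attack traffic is still tailing off.
            self.streak = self.streak + 1 if inbound_gbps <= self.restore_gbps else 0
            if self.streak >= self.restore_after:
                self.path, self.streak = ON_PREM, 0
        return self.path

def replay(samples, **thresholds):
    """Run a series of rate samples through a fresh controller."""
    ctl = DiversionController(**thresholds)
    return [ctl.observe(s) for s in samples]

# Constructed per-minute inbound rates in Gbps: one isolated spike, a sustained
# attack, a brief resurgence during recovery, then normal traffic.
SAMPLES = [0.8, 0.9, 6.0, 0.9, 7.5, 9.0, 12.0, 11.0,
           3.0, 1.0, 5.0, 0.9, 0.8, 0.7, 0.8]

if __name__ == "__main__":
    paths = replay(SAMPLES, divert_gbps=5.0, restore_gbps=1.5,
                   divert_after=3, restore_after=4)
    for rate, path in zip(SAMPLES, paths):
        print(f"{rate:5.1f} Gbps -> {path}")
```

The isolated 6.0 Gbps spike does not divert traffic, and the 5.0 Gbps resurgence during recovery resets the return counter, so traffic only comes back on-premise after four consecutive quiet samples.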

The Security Landscape of the Future

Australia’s DDoS attacks will continue to increase in sophistication and capacity, potentially aided by the numerous IoT devices coming online.

A hybrid mitigation approach is more necessary now than ever. The ability to amplify vastly and scale quickly makes it easy for an attack to cripple an organisation’s operations, render its applications useless and gain access to critical data.

Security solutions must be comprehensive enough to address the multiple threat vectors and increasing severity of DDoS attacks. A hybrid security posture is therefore necessary to address the demands of the digital age. As technology upscales, so do the threats, and the cybersecurity walls must rise accordingly to safeguard the business.
