Mitigating DDoS Risks
Traffic Analysis, Cloud Services Can Help Mitigate Risks
Download the transcript of this interview in PDF format (sponsored by Corero Network Security)
The recent wave of distributed denial of service attacks against U.S. financial institutions proves organizations aren't doing enough to prepare for online attacks, says Jason Malo of CEB TowerGroup.
Malo, a financial-services research director at the Boston-based consultancy and a web security expert formerly with VeriSign, has been studying DDoS attacks for some time. He says the recent wave of large-scale attacks affecting leading institutions has exposed website weaknesses few organizations have adequately addressed.
Malo says DDoS-attack preparation and prevention come down to risk assessment and scale.
"As the breadth of the attacks starts to ramp up, you've got to be able to not only understand the traffic coming in and out of your network, but also what that traffic looks like," Malo says in an interview with BankInfoSecurity's Tracy Kitten [transcript below]. "That's one thing that has really marked the evolution."
Companies, Malo says, can then scale their abilities to handle traffic based on normal patterns. "With [DDoS attacks], it's a significant amount of extra traffic, and the numbers don't tend to work out if you're looking at scaling to that significant level."
There are solutions out there to deal with these types of attacks, he adds. "Banks don't have to put in huge investments of capital to be able to put mitigation in place."
Further, a cloud approach could assist with deflecting a large, volume-based attack, Malo says. "If someone is hitting you with a significant amount of data, there's benefit in meeting volume-per-volume," he says. "If there's a way to augment that through a public cloud infrastructure, where you don't need to crack open packets and get into any kind of deep inspection, there's absolutely benefit there."
During this interview, Malo discusses:
- Cloud-based services and other outsourced solutions that address DDoS;
- How banks and credit unions should use big data to improve analytics and anomalous activity detection; and
- Why banking institutions need to implement more than intrusion detection and prevention systems to thwart DDoS-related outages.
Malo, who works in CEB TowerGroup's retail banking and cards practice, has more than 16 years of online service development, management and marketing experience. Malo is focused on market evaluation and product strategy for mobile banking, emerging threats, regulation and customer attitudes surrounding security and fraud across banking and card channels. Before joining CEB TowerGroup, Malo spent five years with VeriSign, where he managed development roadmaps and go-to-market strategies for cloud-based products that address threats to personal information, network infrastructure and commerce. Earlier, at Bank of America, Malo led projects that addressed enterprise and consumer authentication, consumer privacy and security, online banking, information security, and platform consolidation.
DDoS Attacks
TRACY KITTEN: Can you give us some background about what a DDoS attack actually is?
JASON MALO: It's an attack that's meant to deny resources to someone, and, most traditionally, this has been looked at in a consumer environment, where a website is hit with a denial-of-service attack which renders it unavailable to its normal clientele.
A DDoS attack - while categorized as a massive overwhelming of critical resources - is not just blunt instruments. They're not just flooding Internet pipes and pounding on Web servers until they fall down. There's actually a wide range of different attack types at every place in the delivery of those services. You can have attacks that are going after and trying to flood your Internet pipes. You can have attacks that go after the amount of processing power that any one of your Web-application servers may have. Or you can have things that look to exhaust the number of sessions that your application can have in place. It can put a taxing amount of traffic on the amount of images and content it's able to deliver back out, for instance.
Follow Jeffrey Roman on Twitter: @ISMG_News