EDITOR ’ S QUESTION
DATA CENTRE LEADERS MUST ACT SWIFTLY TO ENSURE DDOS ATTACKS DON ’ T IMPACT THE AVAILABILITY OF THEIR SERVERS AND THEIR SERVICES .
RICHARD MEEUS , DIRECTOR OF SECURITY TECHNOLOGY AND STRATEGY EMEA , AKAMAI wider network is a hugely effective first step . Many organisations tend to enable employee access through VPNs , however by doing so they leave themselves open to risks if the user ’ s device or network is compromised . This is undoubtedly a growing issue in these socially distanced times . By focusing solely on access to the application , leaders can better prevent wider access to their networks and block the spread of malware . rganisations are currently
O witnessing an increase in the rate of cyberattacks , with DDoS attacks currently flavour of the month for attackers . We have seen record-breaking attack sizes earlier this year and now we are in the midst of an RDoS campaign , where DDoS is used as a threat should a substantial ransom not be paid . As such , data centre leaders must act swiftly to ensure DDoS attacks don ’ t impact the availability of their servers and their services .
Effective mitigation of DDoS , including the huge , multi-Tbps and 809Mpps attacks seen in June , requires inline cloudbased protection . Effectively managed by a round-the-clock Security Operation Centre , this can provide instant mitigation against known attacks and fast action against evolving tactics , ensuring your services remain online .
Despite this , DDoS attacks are often used to generate smokescreens for more covert , malicious attacks . With the current widespread adoption of remote working , our corporate networks and data centres now have a perimeter that extends into bedrooms , kitchens and home offices all around the world . They are also shared with all the other devices on those networks , including fridges , doorbells , thermostats , security cameras and other Internet-of-Things that may not have such a stringent attitude to security as in the data centre .
Implementing procedures and processes , often called Zero Trust Network Access , that only enable users ’ access to the applications they need , rather than the
If criminals enter a network via other means , their primary objective is likely to be stealing and exfiltrating organisation and employee data . One of the issues for data centre leaders is that outbound traffic , especially when non-user based , is rarely afforded the same level of scrutiny as inbound traffic . The attackers know this and will use many ways to move the stolen data as surreptitiously as possible . As attackers can remain inside a network for many months , identifying them as soon as possible is imperative . Exfiltration commonly requires access to an external server that is found through a hostname . If we can analyse all DNS requests leaving our estate this would give us increased awareness into potential breached servers . In addition , if they were analysed against billions of other global DNS requests to be correlated for malware propensity , even better .
www . intelligentdatacentres . com Issue 20
31