How cloud-based security can be used for tackling DDoS attacks?

  • Nitin Mishra
  • May 19, 2021
  • 3 min read
How cloud-based security can be used for tackling DDoS attacks?

In May 2021, press reports said that many government websites in Belgium were taken offline as the country’s ISP, Belnet, was hit by a massive DDoS attack. The DDoS attack impacted more than 200 institutions, and the websites of many government institutions were deemed inaccessible due to the attack. In March 2021, Akamai reported that an European gambling company was bombarded with junk traffic that was peaking at a massive 800 GB per second. Clearly, with the increase in interest in online mediums, the level of attacks against enterprises has gone up exponentially. Recently, security firm, Netscout, released a report which revealed that 2020 was the first year where the number of DDoS attacks crossed the 10 million mark.

For those who are unaware, a DDoS (A denial of Service) attack is an attempt to impact the availability of a system or a website to end users. This is typically done by flooding the target website or system with large volumes or packets of data. The target website or system gets overwhelmed in handling the huge volumes of requests, and is forced to be offline to mitigate the attack. DDoS attacks can be infrastructure layer attacks (typically large in volume and designed to overload or flood the network) or application layer attacks (focused on certain parts of the application, such as a login page. Typically, a large volume of HTTP requests is directed towards a particular page or part of an application making it inaccessible).

Every DDoS attack has the capability to cause immense damage from a financial as well as brand perspective. In many cases, DDoS attacks are also used as a decoy to deviate the IT team’s attention, and then use the opportunity to breach the company’s perimeter using malware attacks or by intruding the network. In the face of a DDoS attack, the customers of the company would also not be able to use the company’s services and products, thus causing serious revenue losses.

The importance of cloud-based security
With increased complexity and scale of attacks, it is becoming increasingly difficult for any enterprise to handle a targeted DDoS attack. Enterprises can decide to partner with a managed security service provider, and take a pay-per-use DDoS mitigation service.

Some of the key benefits of using cloud-based security solutions for mitigating DDoS attacks include:

  • Global DDoS mitigation network: Experienced managed service providers have advanced DDoS filtering techniques, advanced routing and automated tools that help in automatically removing malicious traffic before they hit the enterprise network of a company. This is typically designed to protect against all types of DDoS attacks aimed at the network, transport or application layers. A global distributed network architecture ensures website availability in the face of a targeted DDoS attack.
  • Knowledge to fend off sophisticated attacks: Managed service providers have access to the best skilled teams who use SOCs to monitor attacks and respond in real-time. Skilled manpower is highly critical in a DDoS attack, as the hackers may decide to change their tactics during the actual attack. For example, by monitoring network traffic and discovering any anomalies, skilled personnel may decide to reroute network traffic through a different network path.
  • Proactive monitoring and protection: Managed service providers help in proactive prevention of DDoS attacks by constantly monitoring infrastructure and applications. This also includes addressing any possible vulnerabilities through system administration, updates, patches and hotfixes.
  • Comprehensive monitoring of data: Managed service providers provide comprehensive analytical information on security incidents, which is a valuable asset for the SOC team, and is useful in presenting an accurate view of the organization’s security posture. For example, the analysis of the data could help in providing visibility on compliance with policy and regulatory mandates. The analysis could also help in detection of malware activity based on behavior profiling and in detecting anomalies across all network traffic.
  • Pay per use model: The pay per use model allows enterprises to get the benefits of a managed DDoS protection service without paying any upfront costs. This enables customers to expand or reduce their level of service, based on specific requirements.

In summary, enterprises can greatly reduce business risk and reduce the probability of downtime by going in for cloud-based DDoS protection services. A cloud-based DDoS protection also allows enterprises to defend proactively against new and unknown threats, which are constantly updated by managed service providers.

Nitin Mishra

Nitin Mishra

Head of Cloud services, NTT Ltd., India

Nitin Mishra is head of Cloud services business in India and also serves as Board Director on some of NTT Ltd’s India companies. The India business is part of NTT Ltd, which is US$11 billion global technology Services arm of the NTT Group. Nitin has almost 25 years of industry experience in the ICT domain and Indian Enterprise market. He has been a key Management member of the erstwhile Netmagic for over 21 years and has played many significant multi-functional roles. Netmagic was acquired by NTT and is now integrated into NTT Ltd.

  • Share on:

Tell us how we can help you

+ =