Whatever device, interface or stack you’re using, it’s at risk from cyber-attacks. To ensure device and data protection at all times, your network needs testing.
Network testing is a series of quantitative and qualitative measurements conducted by tech specialists to give you a detailed account of the quality and integrity of your network. It records and evaluates the processes and behaviours of a network that define its overall performance. It is through network testing that you can ascertain whether your network configuration functions as designed.
Network testing also offers an objective view of the software, allowing you to understand and appreciate how it works. Active network testing lets you detect issues as soon as they occur so that you can minimise the risks of network hacking.
As we look back, one of the most obvious stories will be the dramatic rise in the weaponization and size of DDoS attacks. At the beginning of 2016 we noted the largest attack being approximately 500 Gbps. In the later months, we saw the monetization of multiple IoT-based botnet DDoS attacks that were close to breaking the 1 Tbps mark.
As a marketing person, these eye-popping numbers are great for collateral. However, the reality is that the vast majority of DDoS attacks are much, much smaller in size. For example, according to our 2016 ATLAS statistics, 80% of all DDoS attacks are less than 1 Gbps. Odd as it may seem, this reminds me of the saying “You don’t need to be faster than the bear… just faster than your friend.”
One of the most common network threats is the Distributed Denial-of-Service (DDoS) attack. DDoS attacks are designed to overwhelm a system’s resources so that the network can’t respond quickly or properly to service requests. The effect can be indistinguishable from shutting down the site or network. Attacks are usually launched from infected host machines controlled by hackers.
What happens is that the assailant exploits a vulnerability in a network and infects it with malware. Once the network is under the control of the hacker, it’s referred to as a bot or a zombie.
Here are the three kinds of DDoS attacks:
- Network-centric/volumetric attacks: These attacks overload targeted resources by exhausting the existing bandwidth with packet floods that compromise the performance of the network.
- Protocol attacks: Using flaws in the protocols, the hackers attack network or transport layers to overwhelm the targeted resources.
- Application layer attacks: With an application layer attack, the hacker overloads application services or databases with high volumes of application calls, causing a denial of service.
So what does this have to do with the size of DDoS attacks?
When it comes to volumetric DDoS attacks, the attack doesn’t have to be massive to impact you. It only has to be as large as your network pipe.
As stated before, the vast majority of DDoS attacks are under 1 Gbps. In my experience most organizations (obviously not including service providers) have internet-facing circuits that are less than 1 Gbps, which means that they are very vulnerable to DDoS attacks.
Here’s another stat. According to Arbor’s 12th Annual Worldwide Infrastructure Security Report (WISR), 41% of enterprise and government institutions and 60% of data center operators reported DDoS attacks exceeding their total internet bandwidth.
In these scenarios, it’s an indisputable fact that the only way to protect your organization from volumetric attacks – large enough to saturate your network pipes – is to reach upstream to your ISP or an MSSP (such as Arbor Cloud) for in-cloud DDoS protection.
And since DDoS attacks can occur without warning, automation is a key factor in defense. In fact, according to our 2017 ATLAS statistics, 90% of attacks last less than 1 hour. The faster you can detect and mitigate, the less impact these attacks will have on your organization. Arbor’s on-premise products, such as Arbor APS or Arbor Cloud Flow Based detection, are designed to automatically detect and “cloud signal” to the Arbor Cloud for mitigation of volumetric attacks.
DDoS attacks can have lasting effects on your business. Although it’s difficult to eliminate all risks at once, one way you can prevent a DDoS attack on your network is to perform ongoing network security assessments that look for and resolve any vulnerabilities. Another way is to implement proactive monitoring and alerting for any threats so you can minimise the damage of an attack on your business.
So just as you only need to be faster than your friend when being attacked by a bear, a DDoS attack only needs to be as large as your internet pipe to potentially be impactful. Always-on detection and automated mitigation in the cloud are the best practices to minimize the impact of a majority of DDoS attacks.
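The argument above, that what matters is attack size relative to your circuit, can be shown with a small saturation detector. This is an added example, not Arbor's or Matrium's code; it assumes you poll a 64-bit inbound octet counter (for example SNMP ifHCInOctets), and the 90% threshold, the two-poll sustain window and the traffic figures are constructed for illustration.

```python
from dataclasses import dataclass

COUNTER_MAX = 2**64  # assumption: 64-bit cumulative octet counter

@dataclass
class Sample:
    ts: int         # poll time in seconds
    in_octets: int  # cumulative inbound bytes at that poll

def rates_bps(samples):
    """Yield (timestamp, inbound bits/sec) between consecutive polls."""
    for prev, cur in zip(samples, samples[1:]):
        dt = cur.ts - prev.ts
        if dt <= 0:
            continue  # skip duplicate or out-of-order polls
        delta = (cur.in_octets - prev.in_octets) % COUNTER_MAX  # tolerate wrap
        yield cur.ts, delta * 8 / dt

def detect_saturation(samples, link_bps, threshold=0.9, sustain=2):
    """Return the poll time at which inbound load has stayed at or above
    `threshold` of the circuit for `sustain` consecutive polls, else None."""
    streak = 0
    for ts, bps in rates_bps(samples):
        streak = streak + 1 if bps >= threshold * link_bps else 0
        if streak >= sustain:
            return ts  # the moment to signal upstream mitigation
    return None

def build_samples(rates_mbps, interval=10, start=0, counter=0):
    """Constructed data: turn per-interval Mbps into cumulative counter polls."""
    out = [Sample(start, counter)]
    for i, mbps in enumerate(rates_mbps, 1):
        counter = (counter + int(mbps * 1e6 / 8 * interval)) % COUNTER_MAX
        out.append(Sample(start + i * interval, counter))
    return out

# Constructed traffic: normal load, then a flood of under 500 Mbps.
TRAFFIC = build_samples([120, 130, 480, 495, 490, 140])

if __name__ == "__main__":
    for name, link in (("500 Mbps circuit", 500e6), ("10 Gbps circuit", 10e9)):
        hit = detect_saturation(TRAFFIC, link)
        print(name, "-> signal upstream at t=%ds" % hit if hit is not None else "-> no alert")
```

The same flood, well below 1 Gbps, trips the alert on the 500 Mbps circuit and goes unnoticed on the 10 Gbps one.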
To get a rare view into the most critical security challenges facing today’s network operator, download the full 2017 WISR.
We Can Help
At Matrium Technologies, we believe network testing is crucial to your business’ success. A balance between complexity and optimisation is the key to an excellent network. Dealing with a network security threat is often a challenge, but with the help of skilled engineers and efficient network testing, you’ll have the support you need to keep the network infrastructure running smoothly.
We are a leading technology solutions provider in Australia with years of experience in the industry. We help protect your data centre in an increasingly hostile digital environment, ensuring your network is safe from data hacks and breaches.
Get in touch with our team today.