Recent financial services cyber attacks underscore need for protection with next generation DDoS services
The news that three Dutch banks, as well as the Dutch Taxation Authority, were hit earlier this year by targeted distributed denial of services (DDoS) attacks holds grave cybersecurity warnings for African businesses of all sizes.
This is according to Bryan Hamman, territory manager for sub-Saharan Africa at NETSCOUT Arbor, which specialises in advanced DDoS protection solutions. “The four Dutch organisations were apparently hit earlier this year by a variant of the Mirai botnet that took down the domain name system (DNS) provider DYN and all its associated clients, including such giants as Twitter, Spotify, Pinterest, GitHub, Paypal and PlayStation, in October 2016.
“In South Africa, we have of course very recently (June 2018) had the news of a data breach on financial giant Liberty Holdings. The Information Regulator has since said it is satisfied with the manner in which Liberty dealt with the data breach, and we are not necessarily talking about a DDoS attack in this instance, which aims to disrupt or cause the denial of an online service by overwhelming it with traffic from multiple sources. Nonetheless, looking back at all of these attacks reminds us once again that all companies must be on their guard,” Hamman explains.
“The proliferation of remote working set-ups today, as well as the acceleration of the bring your own device (BYOD) mind-set, has made cybersecurity for organisations increasingly challenging. Businesses are becoming more broadly aware of the risks they face from DDoS attacks and are looking for services and solutions to mitigate these risks, in light of the DDoS evolution – you could even call it a ‘revolution’ – over the past 18 to 24 months. As we have seen, the size, complexity and frequency of attacks have increased dramatically due to the weaponisation of DDoS botnets.”
To assist firms with their DDoS defences, Hamman says that NETSCOUT Arbor offers Network Function Virtualization (NFV) and maturing service management and network orchestration systems (MANO – a framework for the management and orchestration of all resources in the cloud data centre), making it possible for organisations of all sizes to tackle their DDoS defence requirements. NFV is the concept of replacing dedicated network appliances, such as routers and firewalls, with software running on commercial off the-the-shelf servers. This enables a more fluid service-provisioning model.
“Internet security providers (ISPs) and managed security service providers (MSSPs) have experience offering managed security services to their larger customers. In contrast, however, they face challenges scaling managed security services to the small and medium-enterprise markets. NETSCOUT Arbor now makes it possible to package and deliver these services to a much broader range of organisations by way of the NFV and MANO offerings, which offer ISPs and MSSPs the necessary agility to deliver automated, streamlined service provisioning and operational controls.”
Hamman adds that NFV is currently entering mainstream adoption, as the ability to run applications as virtual network functions (VNFs) on demand makes networks more open, scalable, predictable and flexible, which leads to reduced operational costs. He notes, “NFV also brings significant changes to service providers’ operational assumptions and business models. In delivering the next generation of NFV-driven DDoS managed services, NETSCOUT Arbor’s strategy is focused on three key areas, namely: virtualising platforms and services; introducing flexible licensing to support elastic business models, and enabling operators to integrate NETSCOUT Arbor’s solutions into different environments.
“The NETSCOUT Arbor NFV MANO offerings allow ISPs and MSSPs to offer managed services for defence technologies to small and medium enterprises and give them a protection advantage similar to that previously enjoyed only by larger enterprises. In this way, ISPs and MSSPs are able to deliver these capabilities using an operational model that gives them the agility and cost base that they need for a managed hybrid DDoS defence service,” he concludes.