I was reading the other day about a fresh wave attacks threatened to be carried out by The Izz ad-Din al-Qassam Cyber Fighters; I think 2013 is going to be a very telling year for cyber terrorism.
In the article titled, “The Year Ahead, The Cyberwarfare dilemma”, the author speaks about the US Government’s take on this business:
In 2012, U.S. Defense Secretary Leon Panetta called attention to a “Cyber Pearl Harbor.” The catchphrase summarizes what government and defense officials have been saying for some time now: foreign computer hackers are growing increasingly powerful in their ability to disrupt the nation’s vital systems.
DDoS attacks are some of the most high profile examples of disruption. The attacks can take one of two forms, volumetric or application/service-layer attacks; as Rakesh Shah of Arbor Networks writes,
…volumetric flood DDoS attacks exceed the aggregate inbound bandwidth capacity of most Internet service providers (ISPs), hosting providers, data center operators, enterprises, application service providers (ASPs), and government institutions that interconnect most of the Internet’s content….
At the other end of the spectrum, application- and service-layer DDoS attacks focus on degrading the back-end computation, database and distributed storage resources of Web-based services. For example, service or application-level attacks may cause an application server to patiently wait for client data – thus causing a processing bottleneck.
Both forms of DDoS attacks can potentially slow or shut down a Company’s online business causing serious comprise of a company’s brand, perceived security, and financial wellbeing.
Again Mr. Shah of Arbor suggests Cloud Signaling as a best practice when he writes,
The best practice to ensure cloud signaling integrity is to provision a separate out-of-band management network between the data center and the cloud provider. This guarantees that the cloud signaling component remains available even when the entire data center link is saturated in both directions, or completely offline….
This is the point in the conversation where the security of the Out-of-Band (OOB) Management solution is called to question. When deploying the OOB Management overlay, you must ensure that you’re paying the same amount of attention to “back door” of the network that you’re investing in the primary DDoS solution. Relying on under-secured secondary connections would be an obvious mistake in this phase of planning.
About Communication Devices, Inc. (CDI)
CDI is the industry leader in providing Secure Out-of-Band Management appliances and management tools to Service Providers, Enterprises, and Government clients. CDI equipment has the ability to provide 2-factor authentication, as well as 256 CFB encryption; all without the need of network connectivity. Visit www.commdevices.com for more information.