IT Security Professionals Want Better DDoS Protection from Service Providers

Corero polled over 100 IT security professionals at Infosecurity Europe 2016 in London last month, and the survey shows that UK businesses are not only worried about distributed denial of service (DDoS) attacks, they want better DDoS protection from Internet Service Providers. Over three quarters (80%) of the IT security professionals polled believe that their organization will be threatened with a DDoS ransom attack. Even more concerning was the finding that almost half (43%) of the security professionals who took part in the survey thought that it was possible that their organization might pay such a ransom demand.

Without doubt, there is a growing threat of cyber extortion attempts targeting UK businesses. Last month (May 2016), the City of London Police warned of a new wave of ransom driven DDoS attacks orchestrated by Lizard Squad, in which UK businesses were told that they would be targeted by a DDoS attack if they refused to pay five bitcoins, equivalent to just over £1,500. Corero’s Security Operations Centre also recorded a sharp increase in hackers targeting their customers with such demands at the end of 2015.

Dave Larson, COO at Corero Network Security, said: “Extortion is one of the oldest tricks in the criminal’s book, and one of the easiest ways for today’s hackers to turn a profit.  When your website is taken offline, it can cost businesses over £5,000 a minute in lost revenue, so it’s understandable why some choose to pay the ransom. But this is a dangerous game, because just a few willing participants encourage these threats to spread like wildfire. Rather than trying to negotiate with criminals, the only way to beat these attacks is to have a robust, real-time DDoS mitigation system in place, which can defend against attacks and prevent downtime.

“Like old cousins, ransom demands and DDoS are always being used together in inventive new ways to extract money from victims. For example, low-level, sub-saturating DDoS attacks are usually used as a precursor to ransomware attacks.  Because they are so short – typically less than five minutes in duration – they are usually not detected by security teams and allow hackers to find pathways and test for vulnerabilities within a network which can later be exploited through other techniques.”

Other noteworthy statistics from the survey:

  • The majority of those surveyed (59%) worry that their ISP does not provide enough protection against DDoS attacks
  • Almost a quarter (24%) of respondents believe that their ISP is to blame if a DDoS attack affects their business
  • 58% said that they would leave their service provider because of poor service
  • 21% would leave their service provider if it did not offer adequate protection against DDoS attacks

The Role of Internet Service Providers

As DDoS attacks become increasingly sophisticated, many organizations are looking further upstream to their Internet Service Provider to protect against DDoS threats. Over half of those surveyed (53%) believe that ISPs are hiding behind net neutrality laws—the concept of treating all online traffic equally—as a way to dodge their responsibilities in terms of protecting their customers from cyberattacks, such as DDoS.

A telecom company’s role has traditionally been to direct traffic from one destination to another, without passing judgment about the content. Net neutrality, in which carriers treat all data the same, was prized above all else. But the tide of opinion is changing and many customers now want their telecoms to deliver not a decaying mélange of Internet traffic and increasingly sophisticated attack vectors, but a “clean pipe” of good traffic, where the threats have been proactively removed. Providers now have a golden opportunity to offer their customers DDoS protection-as-a-service, and open up valuable new revenue streams in the process – or risk losing their customers.

You can read the original article here.