THE Philippines is going digital with a vengeance.
The International Data Corp. (IDC) expects a continued positive outlook for the information and communications technology (ICT) sector this year. IDC also strongly encourages the new administration to bring ICT usage and adoption to the forefront. One example is to significantly improve the mobile-Internet experience and connectivity of the Filipino people.
While the digitization of businesses signals progress, the fight against cybercrime still rages on, even as government agencies continue to establish laws and policies on responding to current and emerging cyber threats.
Based on the Philippines’s 2014 to 2015 Cybercrime Report released by the Office of Cybercrime of the Department of Justice, the Philippine National Police recorded a twofold rise in cybercrime incidents (from 288 to 614 incidents) from 2013 to 2014.
More dangerous than ever
WHILE Distributed Denial of Service (DDoS) attacks have been common worldwide since the late 2000s, the scale of attacks has increased significantly in the past few years. Organizations now find it difficult to combat new protocol exploits and amplification attacks without the support of a cloud-based DDoS scrubbing service.
With cheaper bandwidth costs, it has become more affordable to launch large-scale attacks. Terabyte-sized breaches are on the horizon.
Modern DDoS attacks are not only interrupting or bringing down services, but distracting security operations teams with a mix of threats that have varying effects on the infrastructure. Such attacks are increasing in frequency, volume and sophistication.
Cyber criminals combine volumetric, partial saturation, authentication-based and application-level attacks until they find the weakest link in the chain of command. These threats, which are becoming more difficult to defend against, are often a precursor to advanced persistent threats (APT).
How quickly an organization can discover and stop these threats is key to ensuring service continuity, as DDoS attacks aim to bring down an enterprise’s services. Also, the pervasiveness of volumetric DDoS, along with the potential increase in bots, requires a hybrid DDoS strategy that combines on-premise Web application firewalls (WAF) with cloud-based scrubbing services.
Stopping a DDoS attack
WHEN a company’s on-premise WAF detects that it is under DDoS attack, the company switches the incoming traffic to a cloud-based DDoS scrubbing service to identify and mitigate threats. Once traffic is clean, it may be rerouted to the company. During the attack, the firm continues to operate as it would under normal circumstances. The scrubbing service effectively mitigates DDoS, while enabling the company to continue to operate.
Businesses must protect their infrastructure from large-scale and incessant attacks, yet not compromise on performance. The ideal security posture is to have comprehensive protection. Granular DDoS rules and policies coupled with contextual knowledge of identity and user access to applications and data will enable companies to secure their networks. This is enabled by the automatic collection and analysis of data across deployment environments—data that includes SSL inspection, behavioral analytics, bandwidth usage, health monitoring and other statistics.
This ensures that attacks can be detected sooner so that mitigation can be activated swiftly and accurately via hardware, upstream or across cloud-based services. Services may immediately transition back to full functionality once attack traffic has subsided to manageable levels.
The security landscape of the future
OVERALL, DDoS attacks will continue to increase in sophistication and capacity, potentially aided by the numerous Internet-of-Things devices coming online. Attackers’ ability to amplify vastly and scale quickly makes it easy for an attack to cripple an organization’s operations, render its applications useless and gain access to critical data.
A hybrid mitigation approach is now more necessary than ever. Security solutions must be comprehensive enough to address the multiple threat vectors and increasing severity of DDoS attacks. A hybrid security posture is, therefore, necessary to address the demands of the digital age.
As technology scales up, so do the threats; therefore, the cybersecurity walls must rise accordingly to safeguard the business.
Oscar Visaya is the country manager of F5 Networks Inc. in the Philippines. The views expressed by Visaya in this column do not necessarily reflect those of the BusinessMirror.