Help is at hand for operators of critical services who feel overwhelmed by the increasing prevalence of breaches, ranging from ransomware to code breaches and DDoS attacks.
In the aftermath of the Colonial Pipeline attack, critical infrastructure operators must eradicate the specter of lackluster network security.
One of the most pernicious breaches to deal with is the Distributed Denial of Service (DDoS) attack, in which many connected devices are hijacked to take down target websites with malicious access requests.
The Internet of Things widens the reach of DDoS attacks both because it increases the number of devices that hijackers can access, and because endpoint security is often lacking.
And while IoT inherently involves physical hardware, it serves as a gateway to operate large swathes of critical infrastructure.
It is one of the main openings for DDoS attacks, and new vectors are constantly being discovered. Cybersecurity experts at DDoS protection service provider Netscout discovered seven new vectors for DDoS from January to July 2021, with energy and utility infrastructure among the hardest hit.
“We’ve noticed a few things with DDoS attack vectors,” said Richard Hummel, threat intelligence manager at Netscout. “One is that the vectors keep coming in. There is never a time when a vector is no longer used. And what we find is that these vectors are not cleaned up.”
Due to the multifaceted nature of cyber threats, a booming industry of cyber protection services has emerged to help organizations with resources.
Cybersecurity products can integrate at the device, edge network, mobile network, or cloud level to detect malicious activity and redirect sensitive IoT device data or signaling traffic through secure overlays.
Even when critical service providers have in-house technology specialists, DDoS attacks with sufficient firepower are likely to create challenges. Putting in place external assistance and tools such as automated traffic rerouting can reassure businesses in these cases.
“Our mobile network-based solution is complemented by a SIM applet,” said Adam Weinberg, chief technology officer of Israel-based network protection company FirstPoint Mobile. “Together, these components automatically detect, alert and protect against suspicious communications for every device.”
“The implementation of the FirstPoint solution is straightforward and requires standard connections to the core network. It’s easier than connecting a mobile virtual network operator (MVNO) to a mobile network operator (MNO).
“The mobile network-based approach means that all security features are implemented at the network level and respond to all cellular security threats, including bogus mobile phone towers, signaling attacks, attacks by SMS and mobile IP data attacks.”
While some companies might host an on-site cleanup center to redirect data internally, Netscout’s Hummel said this was unaffordable for organizations on a tight budget. Large organizations may take a hybrid approach, often deploying on-premises security for routine attacks, but relying on cloud protection when breaches exceed predefined thresholds.
“We see this often,” Hummel said. “Many large organizations want the capacity and control to mitigate attacks that they see themselves, but don’t necessarily have the capacity of a full cleanup center, which can be very costly.
“What they’re going to do is ensure endpoint security in the business. Then, if an attack occurs, the box is designed to send a signal to cloud services.
“You may never need onsite help defeating a DDoS attack. But if you need to reroute the traffic, the signal has already been sent and the cloud center is already primed so that if the attack exceeds your threshold or capacity, the rerouting occurs automatically.”