Man, Machine and DDoS Mitigation: A Case for Human Cyber Security Expertise


Published on | Can automated DDoS mitigation appliances alone stop today’s large, brute force DDoS attacks from bringing down your website? The answer is no. Attackers can overwhelm and sidestep static devices in several ways. In Prolexic’s experience, all the tools available today to fight against DDoS attacks are missing the most important part of the solution – the experience of an expert security engineer. In this short slideshow, Prolexic explains why you need human security expertise in today’s threat landscape.

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Man, Machine and DDoS Mitigation: A Case for Human Cyber Security Expertise

  1. 1. Man, Machine and DDoS Mitigation The case for human cyber security expertise
  2. 2. Automated DDoS mitigation poses risks • Distributed denial of service (DDoS) attacks can overwhelm DDoS appliances • Today’s DDoS attacks are larger and more complex than in the past • Experienced security professionals block DDoS attacks faster than machines • Human eyes and creativity are needed to stop attacks from live attackers
  3. 3. What is a DDoS attack? • A DDoS attack tries to make a computer resource unavailable to its users • It succeeds by overwhelming the target with data, requests or both • Hackers boost their attacks by calling on hoards of compromised Internet devices • The zombie devices have fallen under the control of an attacker through a virus or malware
  4. 4. It’s important to choose the right DDoS mitigation strategy • Outages caused by DDoS attacks are increasing and damaging to businesses • As a result, many organization have made big investments in DDoS mitigation technology – – – – Firewalls Intrusion prevention systems (IPS) Intrusion detection systems (IDS) Router appliances • But often these devices fail to stop DDoS attacks
  5. 5. It’s cheap to rent a botnet to crash a DDoS mitigation appliance • For a few hundred dollars a day anyone can rent a botnet that can command up to 50,000 computers • That’s more than enough to take down a very wellprotected Internet-facing asset such as a router, load balancer or website
  6. 6. Mitigation appliances are no match for the size of today’s DDoS attacks • A local DDoS mitigation appliance can typically stop less than 10 gigabits per second (Gbps) of attack traffic • A firewall offered by an ISP can usually handle less than 20 Gbps • A cloud-hosting provider can usually handle less than 40 Gbps • Many of today’s DDoS attacks are too big for these solutions – 100 Gbps: Prolexic has blocked multiple attacks of this size – 179 Gbps: Largest attack mitigated by Prolexic as of December 2013
  7. 7. Mitigation appliances are no match for the complexity of today’s DDoS attacks • DDoS attacks continue to increase in complexity • Attacks can target three different areas in one campaign – Network layer, described in the Open Systems Interconnection model (OSI model) as Layer 3 – Transport layer (Layer 4) – Application layer (Layer 7) • Layer 7 attacks often look like legitimate traffic – Even simple application attacks can critically overload web servers and databases
  8. 8. All online companies and industries are at risk – regardless of size • Many company executives think it won’t happen to their organization – but they are attacked • High-bandwidth attacks against the financial industry hit in 2012 and 2013 • Gartner predicts a 10 percent growth in the financial impact that cybercrime will have on online businesses through 2016* • Reason for an attack vary: extortion, corporate revenge or simply malicious hackers * “Gartner Reveals Top Predictions for IT Organizations and Users for 2012 and Beyond,” December 1, 2011
  9. 9. Learn more in the white paper • Download the DrDoS white paper: Man, Machine and DDoS Mitigation • In this white paper, find out why you need human cyber security expertise: – Understand the current and future DDoS threatscape – Learn the capabilities and limitations of specific types of DDoS mitigation appliances – Find out how live attackers overwhelm automated systems – Understand the weaknesses of the new breed of intelligent DDoS mitigation device – Avoid blocking legitimate traffic when under attack – Learn about Prolexic’s Security Operations Center
  10. 10. About Prolexic • Prolexic Technologies is the world’s largest and most trusted provider of DDoS protection and mitigation services • Prolexic has successfully stopped DDoS attacks for more than a decade • Our global DDoS mitigation network and 24/7 security operations center (SOC) can stop even the largest attacks that exceed the capabilities of other DDoS mitigation service providers