Enterprises Combat Massive DDoS Attacks with Two Simple Methods


With endless information security problems and all sorts of network attack methods appearing recently, local and overseas enterprises are defending cautiously. However, incomplete protection mechanisms may result in significant damage. Among recent information security incidents, distributed denial of service (DDoS) attacks are the most rampant. On October 21 this year, the US DNS service provider Dyn encountered a massive DDoS attack that paralyzed the sites relying on its DNS service for nearly 10 hours. Well-known sites affected include CNN, Twitter, and Airbnb. Taiwan’s First Securities website and First Bank’s online banking were also hit by DDoS attacks in September, preventing users from connecting to personal banking and from accessing electronic brokerage platforms to place orders. The damage is inestimable.

The Internet of Things has exacerbated the scale of DDoS attacks, and the key is offshore multi-site joint defense

Why are DDoS attacks able to affect normal business operation? DDoS attacks can be categorized into bandwidth exhaustion (flooding bandwidth) and resource exhaustion (flooding server resources) attacks. Both types paralyze the network and system by occupying network resources with a huge number of genuine or fake connection requests. Take banks for example: the purpose of the attack is to deny users access to online banking by paralyzing the system, thereby tarnishing the bank’s reputation. The ultimate purpose is to extort the bank through this action. If such an attack hits an online gaming company, it prevents players from connecting to the game and thereby hurts the game’s usage.

The rapid development of the Internet of Things has increased the scale of DDoS attacks in recent years. Unlike in the past, when hackers secretly stole confidential information, a DDoS attack is a high-profile wave attack that shatters the system. Facing such attack methods, eASPNet Taiwan Inc., which has 16 years of professional experience in data center operation, recommends that enterprises select a DDoS defense program for themselves to achieve the best defense effect.
 
As a professional hosting and cloud application service provider, eASPNet cooperates with three of the world’s top five DDoS defense operators. eASPNet is thus able to swiftly provide an offshore multi-site joint defense service, and is currently able to defend against up to 2TB of traffic. With the advantage of being a neutral data center, eASPNet is able to provide various DDoS defense operators with cross-country cooperation services. Enterprises with such defense requirements can therefore enjoy not just one DDoS defense service, but a choice among eASPNet’s partners.
 
Expert’s recommendations for defending against common DDoS attacks
 
The two most common DDoS attacks are bandwidth exhaustion and resource exhaustion. A bandwidth exhaustion attack transmits heavy traffic to the victim’s network, while a resource exhaustion attack occupies the company’s firewall or system sessions. Each session need not use much bandwidth, but the huge number of sessions may leave the company’s system unable to cope and thus paralyzed.
 
Hans Huang, with more than ten years of industry experience, shares methods for enterprise defense. He said that when faced with a resource exhaustion attack, enterprise users may set up their own line of defense by purchasing protective equipment. They can even establish checking conditions according to their service characteristics. Currently, the market already has many hardware equipment companies that provide security equipment to defend against DDoS attacks.
 
However, when faced with a bandwidth exhaustion attack, the situation could be more complicated. Hans Huang said enterprises generally lack the capability to defend against such heavy-traffic attacks, and there is a limit to the traffic they can handle. It’s impossible for them to lease enough bandwidth to defend against hackers’ attacks; this can only be done with telecom operators or internet service providers (ISPs). Currently, some domestic companies are bringing in the concept of the DDoS defense center from overseas. Some telecom operators may claim to have the relevant equipment, but there are limits to the amount one piece of equipment can handle. The amount of bandwidth the telecom operators can provide is also limited, and companies would be helpless if an attack exceeds the maximum traffic provided.
 
Hans Huang also talked about the defense methods against bandwidth exhaustion attacks currently used around the world. Defense should not start only when one is being attacked. Instead, traffic scrubbing should begin nearer the attack source, with joint defense carried out across multiple offshore sites. This method is applicable to both bandwidth and resource attacks. However, he emphasized that traffic scrubbing by scrubbing centers is efficient against bandwidth exhaustion attacks; for more efficient defense against resource exhaustion attacks, companies should purchase equipment with a defense function.
 
The arrival of the Internet of Things era has brought convenience to our lives but has also given ill-intentioned people the chance to increase the magnitude and scale of network attacks. If companies do not have complete information security measures, the effect on them and the threat to them would be huge if they encounter attacks. Suffering one malicious attack would be enough to tarnish the company’s brand image and a reputation established over the years.