The recent takedown by international authorities of the hacking-for-hire website Webstresser spotlights the evolving nature of the cyber threats that enterprises and midmarket companies – and even smaller organizations – face today.
Webstresser was set up to help others wage DDoS (Distributed Denial of Service) attacks against the targets of their choice, for a fee. Basically, its business model was based on helping its customers damage other companies. Think of it as Chaos R’ Us.
If you wanted to hack a company, to mess with their website by bombarding it with traffic, but didn’t have the skills, this site was your answer. Maybe your motive was revenge, or maybe the DDoS attack was intended as a diversion while a real and more damaging data intrusion was being done elsewhere. It didn’t matter to Webstresser.
We’re all better off with Webstresser out of business, but don’t for a minute be lulled into a false sense of security. There are lots of “companies” ready to satisfy that market need.
How threats are changing
That approach – turning cyberattacks into an as-a-service offering – is just one of the ways that threats have evolved. Over the past decade, we have seen great leaps in the sophistication of various types of cyberattacks. And as companies large and small move to digitalization, there are many, many more points of potential entry for intruders.
At the same time, traditional types of attacks persist, among them phishing, ransomware, and of course DDoS. And the weakest link for targeted companies continues to be their employees. By persuading just a couple of your employees to click on a link in a convincing but bogus email, a criminal has just taken up residence in your company, figuratively speaking.
In business, pretty much everything has gone mobile, and that includes the biggest threats that organizations face today. Mobile malware has exploded, in part because users still look at their phones differently from their laptops and are less obsessive about security.
When you couple the myriad ways of connecting – Bluetooth, Wi-Fi, cellular, etc. – with the fact that busy professionals want to work with a single device, you get a mobile threat bonanza. Our single device has our personal and business apps, often commingled and with neither side properly locked down. But even as the mobile cyberattacks grow more sophisticated, the number one threat is still a lost or stolen mobile device.
A new data risk model
The move to mobile has shaken up our data flow model. That model used to be more contained and controlled, with data flowing from the data center to the company headquarters to the internet. Now companies have to be constantly aware of how they manage and secure their mobile devices to deter the danger of cyber intrusion.
Another risk factor is the cloud. Even though almost all cloud services are inherently secure, those services can’t control who you, as a customer, give access to. Say you bring in a coder to work on an app. In a more controlled environment, you can give that coder access to a port and then shut it down when the coder’s work is done. But in the cloud, there is less opportunity for that level of control.
There’s a lot of truth in the observation that enterprises defending their networks have to repel 100 percent of the attacks against them, but hackers only have to win once to do real damage. For a company, winning requires having a skilled security team on your side and a secure mindset throughout the organization.
That’s easy to say, but with far more security jobs open than there are qualified people to fill them, companies of all sizes are struggling with building the teams they need. That is a situation we appear to be stuck with for at least the short term.
There is an answer in the form of security solutions from outside providers. When it comes to DDoS attacks, Sprint offers its IP Defender as a strong counter-weapon.
IP Defender, part of a suite of Sprint Secure Solutions, is a cloud-based perimeter security service. It uses advanced filtering techniques to remove the bad traffic and forward only legitimate traffic to a customer’s network. This keeps their internet presence open and available even while under attack.
It proactively detects and mitigates network-wide anomalies caused by DDoS attacks, botnets, and other threats, complementing existing security methods such as firewalls, intrusion detection and prevention systems, and unified threat management systems.
IP Defender is designed as a “hammer” for the “nail” of DDoS. It leverages the capacity of the Sprint core network to absorb and deal with a DDoS attack. As an example, if your company has a 5 MB circuit, but someone is throwing a 6 MB attack at you, you’re going to be overwhelmed, and your website or other electronic access will be effectively shut down.
IP Defender is able to absorb the overload onto the Sprint network, then scrub the traffic, find the legitimate traffic and send it to you, discarding the rest.
One IP Defender user is a financial organization with numerous locations that operates in a regulation-heavy, no-failure-accepted environment. The company is able to provide advanced threat protection on a managed services basis, with day-to-day operational support. Another user is a Fortune 500 company that solidly protects its entire consumer-facing e-commerce operations from DDoS attacks.
Looking ahead, you will see much more use of artificial intelligence and data analysis to fight the cyber wars and defend companies from attacks. But you can be sure that the attackers will also be taking advantage of those technological advances.
This is, sadly, a never-ending battle, and if you want your company to be able to fight to a draw, security must be woven throughout your corporate strategy and business. The more you can understand where your vulnerabilities are, and where you may be exposing information, the better you can arm and defend yourself.