Big banks are smashed by DDoS attacks every day and largely do not bat an eyelid. Online gambling companies, too, across Australia are blasted during big sporting events. These top end of town players have expensive, tried-and-tested scrubbing mechanisms to largely neuter DDoS attacks, although some betting agencies are known to have regularly paid off attackers during the Melbourne Cup, treating it as a cost of business.
The midmarket is not left to its own devices, however. Hosting providers like Melbourne IT and others offer DDoS protection against applications and services, while other companies have cheaper offerings for the budget market.
“I am sympathetic to the midmarket, their need for bang-for-buck,” Ellis says. “The challenge for the midmarket is that they don’t have the money that they need… they should focus on business outcomes and partners who understand their business and design outcomes.”
For Secure Logic’s Devaraj, DDoS mitigation comes down to a solid cyber security operations centre. “It is where I believe the industry should invest, rather than a particular technology.”
Yet companies can use free or cheap DDoS protection from the likes of CloudFlare, or opt for do-it-yourself options that require hardening of security defences – something the average small technology shop may lack the ability to do.
“There are DDoS sinkholes and capabilities with our cloud partners,” Wright says. “If a resource or function is hit, we can move workloads to other resources dynamically.”
Arsene agrees. “Midmarket tech guys need to start by incorporating DDoS attack risks into their corporate security strategies. Using a secure and managed DNS that supports changing internet protocols on the fly is also recommended, as well as patching software vulnerabilities to mitigate application layer attacks.”
Secure Logic chief executive Santosh Devaraj
Case study: Dodging the ballot bullets
Last year as NSW went to the polls, Secure Logic chief executive officer Santosh Devaraj and his team went to the Cyber Security Operations Centre. It was time to test whether their months of preparation had paid off: would voting go smoothly; or would the most politically charged of events draw activists and their distributed denial of service attacks?
Devaraj and his team had combed social media feeds for mentions of the NSW election along with keywords synonymous with cyber attacks and DDoS, possible threat actors including members of Anonymous and hackers working for nation states.
“DDoS attacks were definitely part of it,” Devaraj says, adding that the firm created its own diversionary tactic known as honeypots as part of its successful strategy to mitigate DDoS attacks. “We knew that iVote would bring targeted DDoS… and we were dynamically changing the environment to make it very hard for attackers.”
Social media feeds poured into its security centre along with those from intelligence firms such as FireEye, helping to identify and prevent what were feared to be possibly large attacks.
But threats were mitigated before and during the election, and the iVote system remained operational.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
