Wednesday, March 11, 2015

How to overcome the Cloud DDoS awareness issue

Recent research has revealed what most people working in the IT security sector already know: that Distributed Denial of Service (DDoS) attacks have become commonplace. However, there's something of a disconnect between acknowledging the risk and actually doing anything to mitigate it. One such survey by DDoS mitigation outfit Black Lotus showed that PaaS providers (with 64 per cent being impacted) and managed hosting solutions (56 per cent) were towards the top of the attackers' target list along with IaaS providers (52 per cent). A third of the providers questioned said that they remove the customer being affected, and half apply a temporary block until the attack is stopped. Both scenarios leading to those customers losing business, but also to an increased rate of churn for the provider who is unlikely to retain that business unless some kind of DDoS mitigation strategy is built into the offering. Service availability is not only a primary requirement in the online gaming business, it's fundamental for any cloud service. If a DDoS attack interrupts that availability, even if only by introducing latency into the equation, the reputational damage is hard to repair in such a competitive marketplace as that of cloud provision. Dave Larson, CTO of Corero Network Security, quite rightly nails it when he says "as devastating DDoS attacks are no longer a matter of IF, but WHEN and before subscribers take their business elsewhere, the providers need to act."