Neustar is about to release a new report on the DDoS threat landscape. What are some of the key trends to watch? Neustar's Jim Fink offers a preview of the study's findings.
While financial services aren't necessarily seeing the highly-publicized denial-of-service attacks they saw in 2012 and 2013, organizations across all sectors and regions continue to struggle with increasingly powerful incidents, says Fink, Neustar's director of security services.
In an interview recorded at RSA Conference 2014, Fink discusses:
- The latest DDoS trends;
- A preview of the threat landscape study;
- New security solutions to fight DDoS.
Fink, the Director of Cloud DNS & Security Solutions at Neustar, is responsible for the management of Neustar's UltraDNS and SiteProtect product offerings. His team manages all aspects of the platforms and services, including, but not limited to the development of detailed product and platform requirements, strategic product roadmaps, market & competitive analysis, vendor & partner management and service offering definition for online, direct & channel sales. He also actively works with the marketing and sales teams for new customer acquisition and retention.
TOM FIELD: Tell our audience a little bit about your role at Neustar.
JIM FINK: I'm responsible for the security services product line at Neustar. Neustar is actually a very broad company. We started our history running the North American Portability. We've been doing that for 15-plus years. But we've really grown the company into different directions, into data services and security. So right now what we're focused on, at least in our organization, is DDoS, secure DNS service, and expanding into new areas of security.
FIELD: Where is the DDoS/threat landscape in 2014?
FINK: We're actually in the middle of a survey of our customer base right now, as well as the industry in general, looking at where the threat landscape is going and how it's progressed since last year. Right now what we're seeing in the survey, which is still underway and you can see links to it at DDoSattacks.biz, [is] about 51 percent of respondents are saying that the threat landscape has dramatically increased from last year. Beyond that, another 42 percent said it was still about the same as last year and they don't see it decreasing. It's a significant portion of the customer base out there that is still looking at the fact that DDoS is a major threat for them. Really when you boil it down, most of these companies are saying that it costs them about $100,000 per hour during a DDoS event. So it's a significant financial impact to these companies.
FIELD: Presumably you're talking about not just financial services, but other sectors that are experiencing DDoS?
FINK: Absolutely. This is really enterprise across the board, from e-tellers to financial institutions.
FIELD: Tell us about this survey. What are you hoping to find and when will we see some results?
FINK: We're actually finishing up the survey in the next month, so we're going to be having results by early May. We put this out for both North America and Europe. What we're actually hoping to get out of it is that increasing baseline from year-over-year, and really try to discern where our customers are and where their baseline points are.
FIELD: Are you seeing big distinctions between the US and EU?
FINK: It is very different because a lot of the attacks, for better or worse, are implemented out of Eastern Europe. They do a lot of flooding, especially out of Ukraine, and in China. Those are the big areas you see a lot of the traffic coming from.
Products and Services
FIELD: How have Neustar's products and services evolved in this state of DDoS we've been tracking for the last year and a half?
FINK: We've actually continued to evolve our product line. We started out really being a DDoS-on-demand service so that customers could flip their traffic over into us, we would do all the mitigation, and pass that clean traffic back to them. We've actually continued to grow the product line so that what we're offering right now, beyond the on-demand, is a hybrid type of service. We can do a fully managed implementation for customers that really want an always-on type of solution. In this scenario, we actually put devices inline in front of their equipment, we manage that for them. Then, if they're looking like they're going to be overwhelmed by volumes of traffic, we flip it over into the cloud and continue to do the mitigation there. So it really provides that always-on end-to-end level of protection.