DDoS Protection , Security Operations
The Growing Threat from Multi-Vector DDoS Attacks
Netscout's Brian McCann Analyzes How DDoS Attacks Are EvolvingMultivector distributed denial-of-service attacks are having a bigger impact than simple volumetric attacks, says Brian McCann, president of Netscout's security business unit, and president of its security subsidiary, Arbor Networks.
These multivector attacks combine volumetric attacks, stateful exhaustion attacks and application-layer attacks, he explains in an interview with Information Security Media Group.
"Volumetric attacks have been growing each year, but the bigger issue is this complex nature of DDoS attacks today," he says. "What's noteworthy of volumetric attacks today is that technologies are being weaponized at levels that are unprecedented (see: Memcached DDoS Attacks: 95,000 Servers Vulnerable to Abuse).
Application-layer and stateful attacks, on the other hand, are stealthy; they take the firewalls out, leaving the enterprise open to other kinds of malware intrusions, he says.
However, with recent volumetric attacks, the focus has been on the large peak attack size. And despite their large size, these attacks don't seem to have a big impact. For example, the 1.3 Tbps attack against GitHub only caused about 20 minutes of disruption. But that's probably because the organization had the capacity to deal with this scale, McCann says. "Post the Dyn attack a couple of years ago, organizations and most tier-one service providers have put in effective DDoS visibility and mitigation in place to be able to deal with something of this size," McCann says.
McCann stresses the importance of adopting security best practices and conducting drills to test if mitigation is effective.
In this exclusive interview (see audio player link below image), McCann also offers insights on:
- The changing nature of the DDoS landscape;
- The intent behind some of these attacks;
- The need to bring network intelligence and security analytics together.
McCann serves as president of Netscout's security business unit, which includes Arbor Networks. He joined Netscout following its acquisition of Onpath Technologies in 2012. Previously, McCann was the founder and president of the U.S. division of ADVA Optical Networking, and the chief sales and marketing officer of the global organization.