Bruce is by far the most prolific writer and researcher in security. He states things as they are and frames challenges brilliantly. Please check out his site, bookmark it, and be sure to read the comments – they are shockingly worth your time. He recently posted about DDoS attacks and profiling with an aim, perhaps, to Take Down the Internet.
While that requires our attention, the post also raises the question: what can we do? Well, I see one immediate takeaway as it applies to your business, safety, and ongoing prosperity … but first a quote from the article:
The attacks are also configured in such a way as to see what the company’s total defenses are. There are many different ways to launch a DDoS attack. The more attack vectors you employ simultaneously, the more different defenses the defender has to counter with. These companies are seeing more attacks using three or four different vectors. This means that the companies have to use everything they’ve got to defend themselves. They can’t hold anything back. They’re forced to demonstrate their defense capabilities for the attacker.
So if someone is employing multiple attack methods, they are testing your defenses … which raises these questions:
- Do you have your own internal threat intelligence shored up to be smart and effective in this area?
- Is fraud a risk and are you able to identify these risks from different angles?
- Are you data mining all of your logs (across the enterprise if you are so large) for such findings and nuggets of importance?
- Are you capturing the right data to conduct such an analysis? It requires a bit of deep integration across IT and your product teams AND your suppliers.
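
One way to start on the log-mining questions above, as an added example that is not from the original post or the quoted article: it correlates events from separate log sources and flags any target hit by three or more distinct attack vectors within a short window. The event fields, source names and vector labels are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events, as if already normalised from separate log
# sources: (timestamp, log source, targeted address, attack vector label).
# All names and addresses here are made up for the example.
EVENTS = [
    ("2024-01-01T10:00:05", "netflow", "203.0.113.10", "syn_flood"),
    ("2024-01-01T10:02:40", "dns", "203.0.113.10", "dns_amplification"),
    ("2024-01-01T10:04:10", "waf", "203.0.113.10", "http_flood"),
    ("2024-01-01T10:30:00", "netflow", "203.0.113.10", "syn_flood"),
    ("2024-01-01T10:03:00", "waf", "203.0.113.20", "http_flood"),
    ("2024-01-01T10:03:30", "waf", "203.0.113.20", "http_flood"),
]

def multi_vector_findings(events, window=timedelta(minutes=10), min_vectors=3):
    """Flag targets that saw >= min_vectors distinct vectors within `window`."""
    by_target = defaultdict(list)
    for ts, source, target, vector in events:
        by_target[target].append((datetime.fromisoformat(ts), source, vector))

    findings = []
    for target, rows in by_target.items():
        rows.sort()                      # chronological order per target
        start, last_end = 0, None
        for end in range(len(rows)):
            # Slide the window start forward until it spans <= `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            span = rows[start:end + 1]
            vectors = sorted({v for _, _, v in span})
            # Report a burst once; skip windows overlapping the last report.
            overlaps = last_end is not None and span[0][0] <= last_end
            if len(vectors) >= min_vectors and not overlaps:
                findings.append({
                    "target": target,
                    "first_seen": span[0][0],
                    "last_seen": span[-1][0],
                    "vectors": vectors,
                    "sources": sorted({s for _, s, _ in span}),
                })
                last_end = span[-1][0]
    return findings

if __name__ == "__main__":
    for f in multi_vector_findings(EVENTS):
        print(f["target"], f["first_seen"], f["last_seen"], f["vectors"])
```

A finding only appears when the sources are joined on the same target, which is why the data has to be captured consistently across IT, product teams and suppliers.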
So much can be managed with a bit of insight and action … please help keep our Internet operational, pleasant, and your business available.