Home Expert View Are DDoS threats tormenting you?
Are DDoS threats tormenting you?

Are DDoS threats tormenting you?


Emad Fahmy, Systems Engineering Manager, Middle East, NETSCOUT, talks about how to take a distributed approach to DDoS detection and mitigation and how an edge-based strategy for DDoS defence can improve service value for subscribers.

The shift to hybrid work and greater reliance on remote network connectivity has led to increased denial-of-service (DDoS) attacks. Dealing with the expanded security perimeter and threat vectors of today’s enhanced network environment is enough to keep service professionals awake at night. This is especially true for providers tasked with delivering reliable service support of cloud services, edge computing, Internet of Things (IoT) devices, mobile users, and distributed data sets.

As if containing capital and operating costs weren’t enough, service providers must also deal with the ever-present and ever-shifting threat of DDoS attacks perpetrated by bad actors intent on finding new ways to disrupt and extort businesses. Mitigating such attacks has always proven to be difficult and costly. As a result, service providers need a modern DDoS mitigation strategy to detect and defend against an increasingly sophisticated adversary.

These trends were felt acutely in the UAE, where Distributed Denial of Service (DDoS) attacks saw a 183% increase last year. And in a 2020 survey conducted by KPMG, UAE business stakeholders expressed their pessimism about the 2021 threat landscape. Some 98% had a dreary outlook for the year when it came to overall levels in cybercrime. Almost two thirds (61%) were worried about phishing while 42% expressed concern over escalations in ransomware.

Taking a Distributed Approach to DDoS Detection and Mitigation

The more traditional approach of taking a centralized DDoS mitigation strategy against attacks is simply not sufficient against this formidable onslaught. Because of the size and complexity of service provider networks, communications often navigate across multiple links, creating exposures to attack that are increasingly difficult to defend. Instead, what is need is a distributed network defence approach to DDoS detection and mitigation that can identify attacks and critical metadata, enabling a rapid response. Such a defence should inspect traffic, analyse the threat, and filter out suspect traffic at every endpoint and connection within the provider’s network.

As service providers increasingly focus on cloud services, edge computing, end users, and endpoint devices, the traditional approach of utilizing distributed detection solutions in concert with centralized mitigation centres within the network is no longer enough. However, mitigation measures that are distributed out to the network edge necessitate both infrastructure and intelligent defence capabilities that are capable of working hand in hand across locations and platforms.

A more modern DDoS threat mitigation strategy involves distributing both detection and mitigation functions throughout the network to intercept threats nearer to the source. In this way, network operators can stop attacks upstream, instead of having to incur the cost of peering and transit link traffic that is only going to be discarded once it reaches a centralized scrubbing centre. By conducting the scrubbing as close as possible to the threat source, service providers can reduce any potential impact to traffic, helping to ensure high-quality service.

Increasing Service Value for Subscribers

An edge-based strategy for DDoS defence is advantageous for service providers beyond the efficacy of mitigating threats: It also can improve service value for subscribers. By speeding up detection and response to DDoS attacks, providers can assure service availability and reliability, enhancing the customer experience, reducing customer churn, improving stickiness, and growing revenue.

What’s more, because modern DDoS defence solutions take advantage of automation, threat intelligence, and distributed mitigation infrastructure, they can be more proactive, while reducing the burden on security resources. This frees up service provider staff to be more productive and efficient.

There is no doubt that DDoS attacks will continue to increase in volume, complexity, and bottom-line impact. For that reason, service providers will need to fight back with modern DDoS threat mitigation strategies that can protect the integrity of their service and offer an opportunity to enhance the business.



Do NOT follow this link or you will be banned from the site!