DDoS attacks: Is your cloud provider protected?
As the rate of DDoS attacks continues to climb, it’s important to ensure not only that you have protections in place, but that your cloud provider does too.
While distributed denial-of-service (DDoS) attacks are considered the top cyberthreat facing enterprises, more than one-third of IT employees lack familiarity with them, a recent study found. In fact, even among companies that have taken steps to prevent DDoS attacks, there’s another layer of protection some may not have considered.
The majority of DDoS attacks are called volumetric DDoS attacks, which occur when illegitimate traffic from hacked devices overwhelm your network, bringing your websites, apps and other online properties to a grinding halt. The number of these attacks skyrocketed in 2017, and in the second quarter of 2018, analysts reported an increase in medium-duration attacks compared to shorter attacks. DDoS attacks are also becoming more sophisticated.
Even if you have a DDoS solution in place, that doesn’t mean your business is fully protected. According to one DDoS trend tracker, in 2017, the IT, cloud and SaaS industry accounted for nearly half of all mitigation activity, making it the most targeted industry by DDoS attackers for 12 straight quarters. That means if your cloud provider isn’t taking proper precautions to protect themselves from DDoS attacks, it can have serious ramifications for your business if you rely heavily on those services. And if you’re leveraging a public cloud service, you’re particularly vulnerable because if one tenant company who uses that shared resource, it can have a ripple effect on every other tenant.
The IT, Cloud, and SaaS industry accounted for 45% of the total mitigation activities, and became the most targeted industry for 12th consecutive quarter.
Cloud security: Whose job is it anyway?
There’s a common misconception that when you offload your network infrastructure to a cloud provider, you don’t have to worry about security. However, while the physical security of your provider’s data centre is their responsibility, the overall security model in the cloud is generally a shared responsibility between you and your provider. Specifics, such as patching and firewalls, depend on the service level you agree to. It’s crucial to have a full understanding of your cloud provider’s role in securing your online properties and critical data before you sign on.
Preventing DDoS attacks
Given the growing number and severity of DDoS attacks, you definitely want to ask potential cloud providers whether they have a DDoS protection solution in place. They should have a solution in place just like any other company, effectively adding another protective layer between the internet and the data centre housing their cloud. And since volumetric DDoS attacks are the most common type of DDoS attack, it’s worth asking how many traffic scrubbing centres they use. Why? Volumetric DDoS protection solutions “scrub” incoming traffic, dropping illegitimate data before it reaches its targeted servers. The standard is two, but the more scrubbing centres a DDoS solution leverages, the more quickly and efficiently it can reroute and eliminate threatening traffic. You should also ask where their scrubbing centres are located. If they use scrubbing centres out of country, you may run into compliance issues around data sovereignty. Choosing a provider that has all of their centres in Canada would be the most prudent option.
The bottom line is that if your cloud provider isn’t protected from DDoS attacks, then neither are you.