
Report: DDoS fuzzes “Signal to Noise” Ratio

Daniel Nowak, Iron Bow Technologies

February 21, 2012  |  Cyber Security


For the last seven years, Arbor Networks has polled its user base and compiled an annual Worldwide Infrastructure Security Report. Since Arbor Networks is still the de facto standard for carrier-grade network intrusion detection systems (NIDS), the document is worth at least a cursory review. Arbor identifies issues, themes and trends that could have an impact on our clients.

This year’s report points to a fundamental change in Distributed Denial of Service (DDoS) attacks. The rise of hacktivism, rather than the traditional financial motives, has influenced the sheer number of DDoS attacks seen over the past year. With hacktivist groups embarking on grassroots efforts to organize and grow, these various hacker cells are leveraging easy attack tools such as Low Orbit Ion Cannon (LOIC) to train others.

Here are three points from the report that are worthy of mention:

1) The fundamental nature of DDoS is changing in that the average flood-based DDoS attempt is within the 10 Gbps range (typically 60-100 Gbps)
2) DDoS is no longer purely a saturation issue; complex multi-vector and application attacks are becoming commonplace
3) Most conventional network devices such as stateful firewalls, IPS tools and load balancers continue to fail under Internet-facing DDoS attacks

So what does this really mean?

While these issues are anecdotally interesting, they have greater implications in terms of national security and Internet resilience.

Cyber-conflicts are rapidly becoming precursors to kinetic action. Precision digital strikes have been, and will continue to be, executed under the cover of multi-vector DDoS. This in turn will blind our Internet intelligence, surveillance and reconnaissance (ISR) tools and hobble our response capabilities.

The new “fog of war” is digital in nature, and multi-vector DDoS will be its name. As with any conflict, when the landscape changes and the enemy is covertly attacking, a strong defensive line must be in place.

Federal agencies and enterprises alike need to ensure that they have the proper security controls in place to secure critical assets. Yet it would be foolish to assume that traditional security methods and technologies will be enough to protect the network against these attacks. One of the operational mantras for 2012 and beyond will hark back to Dan Geer’s Harvard Journal article from January 2011: “Risk absorption — the ability to operate in degraded states.”

Organizations today must understand that an attack will occur and must have the capacity to continue functioning despite cascading systemic failures. Additionally, they must be able to use the event to gather intel for remediation and mitigation against future attacks. In the case of DDoS, that means resilient and robust systems with ever-increasing network/system capacity, and out-of-band ISR toolkits.

