OPINION: Effective DDoS protection for financial companies
As Distributed Denial of Service (DDoS) attacks become more complex and sophisticated, so must any defensive strategy that attempts to fully protect a financial institution.
While traditional security measures such as firewalls, intrusion prevention systems (IPS) and other disaster preparedness tactics are certainly key components in a DDoS protection strategy, those measures alone are not strong enough to defend against the rapidly evolving DDoS attack tools used today.
Hackers are gaining momentum and expanding their tactics on a daily basis, and financial services companies need an additional layer of protection that helps them stay one step ahead.
The optimal solution is a purpose-built, intelligent DDoS mitigation system.
It has become essential that financial institutions operating in Africa today employ a multi-faceted solution that can detect and block attacks with multiple dimensions of countermeasures before the attacks escalate into costly service interruptions - or worse, an eroding customer base.
Hackers are not biased when attacking regions and we are witnessing an increase in attacks throughout the world on both large and smaller financial institutions.
Armed with a defence that is based on the latest emerging threats, financial institutions can, however, protect themselves both on-premise and at the service-provider level against current and future attack strategies.
If it is a victim of a volumetric attack, a financial institution will never have enough on-premise bandwidth available to offset the attack. The best defence against this type of DDoS attack is therefore a solution that provides protection functionality at the cloud or service-provider level.
With such a solution in place, the provider can identify the volumetric attack and divert the attack traffic to a scrubbing centre for mitigation. This is known as an upstream defence.
The application-layer and state-exhaustion attacks aimed at the perimeter of networks and data centres are often called "low and slow" attacks. Because this type of attack traffic looks legitimate, it is much harder to detect. As a result, hackers are often able to successfully get through the traditional defences of service providers.
These attacks are best defended with an on-premise solution that is as close to the application or network infrastructure as possible. This provides quicker visibility into any suspicious activity and helps stop the attacks before extensive damage occurs.
Like any part of a disaster preparedness strategy, contingency planning is a key part of a DDoS mitigation plan. Once a multi-faceted intelligent mitigation system is in place, it is important to rehearse an action plan that is coordinated both internally and with service providers.
A well-thought-out strategy, executed by a thoroughly trained team, provides the best chances for a financial institution to ward off an attack while protecting its network, infrastructure and customers.
Besides providing a base level of protection, a comprehensive DDoS mitigation solution provides insights into emerging threats. Financial institutions can use this insight to develop defences both on-premise and at the service-provider level.
* By Bryan Hamman, territory manager for sub-Saharan Africa at Arbor Networks.