Following the news about how the UK can stop being so attractive to DDos attackers, Stephanie Weagle, Senior Director at Corero commented below.
Stephanie Weagle, Senior Director at Corero:
“What makes the UK such an attractive target for DDoS attackers, over and above other countries (only the US got DDoS’sed more)?
“DDoS attacks have become many things over the last decade; weapons of cyberwarfare, security breach diversions and service impacting strategies. The motivations for these attack campaigns are endless – financial, political, nation-state, extortion and everything in between. The reported increase in attacks against the UK, over the last six months (as Imperva states) coincides with a warning issued by the City of London Police in May of this year, where the public was warned of a new wave of ransom driven DDoS attacks orchestrated by Lizard Squad, in which UK businesses were told that they would be targeted by a DDoS attack if they refused to pay the bitcoin ransom. In June of 2016, Corero Network Security conducted research were 80 percent of European IT security professionals expect their business to be threatened with a DDoS ransom attack during the next 12 months. This research highlights the growing threat of cyber extortion attempts targeting businesses in the United Kingdom and continental Europe.
“What can be done to make the UK ‘uglier’ from a DDoS attack perspective?
“Continuing to rely on traditional IT security solutions, and or human intervention to deal with the growing DDoS epidemic will continue to prove devastating to UK businesses. As recent events have confirmed once again, no single company, organization or government is up to the task of securing the Internet for the UK or any other country for that matter.
“However, the Internet service provider is in a unique position to dramatically improve Internet security. A telco or Internet service provider’s role has traditionally been to direct traffic from one destination to another, without filtering out DDoS attack traffic—all flows are created equal, so to speak. Today, ISP’s are more cognizant of the effects of DDoS attacks and are stepping up to the plate to eliminate these attacks from their traffic automatically, before they have the chance to impact downstream businesses. This approach is made possible via technology now available to provide real-time and automatic mitigation of DDoS attack traffic at economies of scale.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.