What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks

October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet properties like Twitter, SoundCloud, Spotify and Box inaccessible to many users in the US.

The DDoS attack happened in three waves targeting DNS service provider Dyn, resulting in a total of about three hours of service outage. The attack was orchestrated using a botnet of connected devices including a large number of webcams sold by a single manufacturer, which simultaneously made tens of millions of DNS requests on Dyn’s servers. Given the impact and severity, Dyn was quick to release a statement that more fully explained the incident from their side.

DDoS attacks can be carried out in many ways and can either target individual properties, or services that support a multiple Internet properties. DNS services are common targets because they are essential to the operation of cloud-based services.

Cyber Attacks are Getting Increasingly Sophisticated

There’s a growing trend of increasingly sophisticated DDoS attacks targeting governments, political organizations, financial institutions and businesses in general. Victims of high-profile breaches in recent years include Target, eBay, Home Depot, JPMorgan Chase, LinkedIn, FDIC and Ashley Madison, but these are only a few notable names.

Even as Government and private organizations embrace cloud-based services, attacks such as the one on 10/21 should compel them to reevaluate “all in on the cloud” approaches to platforms, applications and data. While I am not advocating completely pulling back from the cloud and into On-Premises systems, this is a situation that pleads for a diversified risk mitigation strategy.

Organizations need to have solutions in place that will not interrupt operations and kill productivity during situations like this. As we have always advocated, a hybrid solution can certainly mitigate risk and give organizations alternative ways to work in the event of attacks or outages.

The Polarity Problem

A major problem for many organizations is their polar philosophies around infrastructure, the thinking that everything has to be in one place or another – either in the cloud or on-premises. Here’s where hybrid approaches come into their own. What if your application ran on the public cloud, but failed over to an on-premises or private cloud instance in the event of a public-cloud outage? What if your content (data) could reside in the cloud, on-premises or in both places simultaneously, depending how business critical, voluminous or regulated it is?

Consider the Enterprise File Synchronization and Sharing (EFSS) solution space. Cloud-only providers like Box and Dropbox – that emerged as consumer services and subsequently moved into the business segment – arguably don’t account for the mission-critical use cases of governments and businesses, and their need for business continuity in the event of such outages.

Consider how your organization will be impacted if all its corporate information resided in the cloud, and a DDoS attack or other form of cyber attack (or even a natural calamity) brought the cloud infrastructure down for several hours. How will it affect employee productivity? What would the revenue impact be? How would your brand image be affected?

For most organizations, the impact of a cloud outage will be very significant. As such, exploring hybrid approaches becomes mission critical.

Hybrid is the Answer

MJM, a marketing and communications agency owned by WPP, initially used a cloud-only EFSS service for file sharing and collaboration but moved over to Egnyte a few years ago after realizing that what it really needed was a hybrid file sharing solution. Thankfully they did, as disaster struck in 2012 during Hurricane Sandy, devastated the Northeast Coastline in the United States. With no internet and power going in and out, the employees at MJM were still able to work through the disaster and not lose any time or money.

DDoS Attacks

When it comes to the enterprise, we have a steadfast philosophy that:

1) Enterprises need purpose-built solutions. From our inception, we’ve had a razor-sharp focus on serving the file sharing needs of organizations rather than consumers.

2) While we enthusiastically embraced the cloud, we’ve always been aware that our customers need safeguards. Our hybrid approach to file sharing allows customers to leverage the advantages of both cloud and on-premises infrastructures for agility, reliability and business continuity.

If your cloud provider suffers an outage, a hybrid solution can seamlessly failover to your on-premises infrastructure and ensure that users, business processes and workflows remain unaffected. What’s more, these solutions can seamlessly failover to your on-premises infrastructure and ensure that users, business processes and workflows remain unaffected.

It is best to assume that Internet outages are inevitable, and plan for continued access to essential files when your cloud infrastructure or Internet connectivity become unavailable. When the next outage occurs, will you be prepared?

By Kris Lahiri, VP Operations and Chief Security Officer

Jonathan Custance
IoT and cloud computing are on the increase High-profile cybersecurity breaches are increasingly in the news, a prime example being the NHS incident of May 2017 when services were brought to a standstill for several ...
Derrek Schutman
Implementing Digital Capabilities Successfully Building robust digital capabilities can deliver huge benefits to Digital Service Providers (DSPs). A recent TMForum survey shows that building digital capabilities (including digitization of customer experience and operations), is the ...
Matrix
When sci-fi films like Tom Cruise’s Oblivion depict humans living in the clouds, we imagine that humanity might one day leave our primitive dwellings attached to the ground and ascend to floating castles in the ...
Gary Bernstein
Most Dangerous Botnets While it’s no secret that the technical sophistication of cyber-attacks grows exponentially, adversaries often need widespread networks to make it happen. One of the ways to do that is to infect legitimate ...
Martin Mendelsohn
The Colonial Pipeline Dilemma The Colonial Pipeline is one of a number of essential energy and infrastructure assets that have been recently targeted by the global ransomware group DarkSide, and other aspiring non-state actors, with ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.