How new types of DDoS attack the cloud

Currently, DDoS attacks on the cloud are larger than ever, with the largest DDoS attack in 2013 reaching 309 Gbps, and as more organizations migrate business and services to the cloud, a separate component can cause cascading failures. This is the next generation of security and DDoS devices to solve the problem.

The following is the translation:

At a recent large medical organization security meeting, I was fortunate to see the log of the private cloud infrastructure I had helped design. They showed me a set of interesting numbers that I think might appear to come from DDoS attacks. Security administrators and colleagues in different organizations have also seen a lot of the fact that DDoS attacks their systems.

Over the past few months, there have been more DDoS attacks on it infrastructures around the world. These attacks have shifted from simple scale attacks to more complex things. Attackers now use the application layer and HTTP to attack a specific target of an organization.

Imagine that cloud DDoS attacks are larger than ever. Arbor NX The NINETH annual Global Infrastructure Safety report clearly illustrates this, with the 2013 's largest DDoS attack reaching 309 Gbps. The Atlas data confirms that the 2013-year surveillance attacks exceeded gb/sec, 8 times times that of 2012. The widely reported NTP Reflex attack in 2014 exceeded the Gbps +, with multiple attacks in early February exceeding Gbps.

Luckily for my friend and his organization, this sql-based application blocks the associated attack. Why? Because they have a firewall deployed in the virtual appliance application. This firewall is dedicated to monitoring the target application, so the attack was blocked and recorded.

Cloud DDoS attacks are not a joke. Now large-scale systems rely on cloud environments, and a single component can cause cascading failures. This is the next generation of security and DDoS devices to solve the problem.

The fact is simple: more organizations migrate business to the cloud platform, and new types of security best practices are needed to protect their environment. Data leaks and security vulnerabilities can also cause a lot of damage to the company's image. More and more organizations are investing heavily in the next-generation security industry, with the aim of mitigating possible DDoS attacks.

What to do:

Next-generation security tools and firewalls must have real and powerful cloud visibility

Integrate virtual security into your data center

DLP, IPs engines need to be more powerful and have fine-grained visibility in your data architecture

Whether or not a company is hosting its own cloud environment or using a hosting provider, you must evaluate whether new security measures effectively prevent cloud DDoS attacks. Virtual security devices can now be deployed anywhere on the network to protect different types of internal systems. This scope can encompass a specific operating system service to a complete application.

At the same time, new physical storage devices are holding data dependencies and security in their hands.

Finally, there is a very important part of this because there is a need for more collaboration between applications and security teams for applications, internal resources, and various data point attacks. Application developers and administrators must communicate effectively and need security teams to operate. This means that they must understand the network, port, and service configuration. Improper setup of the application-especially if it is facing wan--will have very serious consequences.

This is a changing field. In the field of cloud computing is undoubtedly the most prominent. However, like any new technology, there are always a lot of new security issues. We need to continue to look for next-generation security technologies to support the wider use of the cloud.