With distributed denial of service (DDoS) attacks becoming more complex and sophisticated, so must any defensive strategy that attempts to fully protect a financial institution. This is according to Arbor Networks, the security division of Netscout.
While traditional security measures such as firewalls, intrusion prevention systems (IPS) and other disaster preparedness tactics are certainly key components in a DDoS protection strategy, those measures alone are not strong enough to defend against the rapidly evolving DDoS attack tools used today.
“Hackers are gaining momentum and expanding their tactics on a daily basis, and financial services companies need an additional layer of protection that helps them stay one step ahead. The optimal solution is a purpose-built, intelligent DDoS mitigation system,” says Bryan Hamman, territory manager: sub-Saharan Africa at Arbor Networks.
He emphasises that it has become essential that financial institutions operating in Africa today employ a multi-faceted solution that can detect and block attacks with multiple dimensions of countermeasures before the attacks escalate into costly service interruptions – or worse, an eroding customer base. “Hackers are not biased when attacking regions and we are witnessing an increase in attacks throughout the world on both large and smaller financial institutions,” adds Hamman.
Armed with a defence that is based on the latest emerging threats, financial institutions can however protect themselves both on premise and at the service-provider level against current and future attack strategies.
Arbor’s security solutions are distributed in 18 African countries by Networks Unlimited, and are designed to defend both upstream and on premise.
“If it is a victim of a volumetric attack, a financial institution will never have enough on-premise bandwidth available to offset the attack. The best defence against this DDoS attack is therefore a solution that provides protection functionality at the cloud or service-provider level,” says Hamman.
With such a solution in place, the provider can identify the volumetric attack and divert the attack traffic to a scrubbing centre for mitigation. This is known as an upstream defence.
The application-layer and state-exhaustion attacks aimed at the perimeter of networks and data centres are often called “low and slow” attacks. Because this type of attack traffic looks legitimate, it is much harder to detect. As a result, hackers are often able to successfully get through the traditional defences of service providers.
“These attacks are best defended with an on-premise solution that is as close to the application or network infrastructure as possible. This provides quicker visibility into any suspicious activity and helps stop the attacks before extensive damage occurs,” says Hamman.
He points out that like any part of a disaster preparedness strategy, contingency planning is a key part of a DDoS mitigation plan. Once a multi-faceted intelligent mitigation system is in place, it is important to rehearse an action plan that is coordinated both internally as well as with service providers. A well-thought-out strategy, executed by a thoroughly trained team, provides the best chances for a financial institution to ward off an attack while protecting its network, infrastructure and customers.
“Besides providing a base level of protection, a comprehensive DDoS mitigation solution provides insights into emerging threats. Financial institutions can use this insight to develop defences both on premise and at the service-provider level. With visibility into all traffic and potential subterfuge, Arbor solutions deliver multiple dimensions of countermeasures that organisations can leverage to stop dynamic and diverse threats before an attack is fully launched,” concludes Hamman.