DDoS Attacks: Qualified Security Professionals to Be the Game Changers
The Single Biggest Reason DDoS Attacks Continue to Succeed:
Distributed Denial of Service (DDoS) attacks are on the rise worldwide. According to Akamai’s Q2 2016 State of the Internet report, DDoS incidents are up 9 percent from Q1 and an incredible 129 percent over Q2 from the previous year. Not only are these attacks coming more frequently, they are also more powerful and longer-lasting. Content delivery giant, Akamai, saw 19 mega-attacks of over 100 Gigabits per second (Gbps), a whopping 137.5 percent increase over the same quarter in 2015.
Business leaders know all too well how much damage DDoS assaults can cause. A well-written virus can cripple even the most structurally sound computer networks, taking crucial revenue-generating pages and value chain systems offline for hours or even days. Some malicious code can even infect router firmware, rendering it completely unusable until the box is physically replaced within the data center.
Electronic assaults like these strike abject fear into the hearts of CIOs and corporate IT leaders. So much so, in fact, that cyber-gang no longer have to actually execute an attack to make money. A hacker group known as the Armada Collective sent a group email to high-profile web sites threatening to execute a DDoS attack unless their intended targets coughed up a “protection fee.” Astoundingly, the cyber-criminals made over $100,000 in extortion fees without even launching a single attack.
Cyber Defense Skills in High Demand and Short Supply:
DoS attacks are nothing new. The first documented attack came back in 2000 when a 15-year old Canadian whiz kid nearly took both Amazon and eBay offline. A few years later, the Blaster Worm triggered a DDoS attack against windowsupdate.com by commandeering thousands of unsuspecting machines. Microsoft was easily able to deflect the attacks, but other firms affected by the malware suffered $320 million in damages according to security vendor, Symantec.
There’s a reason why experienced, certified security professionals make so much money. They are in extremely high demand and extremely short supply
You would think that because DOS-style attacks have been around for so long, they would be relatively easy to detect and prevent. They’re not. Two significant market dynamics have tilted the digital playing field to make attacks easier and defending against them far more difficult.
Launching an Attack Has Never Been Easier:
Compared to other types of cyber-attacks, DDoS raids are relatively unsophisticated. All you have to do is write a script to fire a http request at a public-facing web site and execute it thousands of times per second — something even a novice programmer can do. No programming skill? No problem. Just download the High Orbit Ion Cannon (HOIC), a freeware program capable of flooding the URL of your choice with millions of dummy requests. And if you have a team of ne’er do wells willing to coordinate an attack on the same site at the same time, it won’t be long before you render the targeted site completely unavailable to legitimate traffic.
In addition to targeting a single company’s servers, cyber crooks can also target public Domain Name Services (DNS) servers – public Internet components which translate human-readable URLs into IP addresses. These important hardware components are designed to carry a heavy load of web requests, but like any other server, a skilled hacker could overload one on a whim. “It’s tremendously easy,” says David Larson, CTO of Correro Network Security in a recent kotaku.com article. “Anybody can afford it; anybody can do it.”
Skilled Security Professionals are Difficult to Find:
There’s a reason why experienced, certified security professionals make so much money. They are in extremely high demand and extremely short supply. An open job order for skilled security engineers has been growing steadily over the last six months and shows no signs of slowing any time soon. But because there are so few experienced security engineers available, the vast majority of those positions go unfilled.
Perhaps the single biggest reason for the shortage of talented defenders is the breadth of background required for the job. An attractive candidate will have experience in cloud security, DOS-mitigation, behavioral analysis, intrusion detection systems, web applications firewalls, and secure socket layer (SSL) administration. While we’re dreaming, it would be nice if the candidate had significant team lead experience in each role. In simpler terms, this would be like recruiting a ball player who has made the all-star team at every position, including manager.
Such unicorn players can take the better part of a year to recruit, and only the wealthiest companies can afford them. Those fortunate enough to attract and hire such a valuable commodity will have a difficult retention task on their hands, particularly if their digital bouncer holds a valuable security certification like ISSEP/CISSP. And every high-profile DDoS attack that makes the news raises their salary bargaining powera little bit higher.
The more global commerce depends on the Internet, the more susceptible they will be to DDoS attacks. Qualified security professionals can prevent these incidents, but are extremely difficult to recruit and retain. Very few engineers have the experience and education necessary to reliably fend off DDoS attacks. And even when those candidates have been identified, their compensation requirements put them out of reach of all but the largest technology-centric firms.
DDoS attacks are becoming easier to launch, yet the skills needed to defend against them are more than the average security engineer can be expected to bring to the table. Until this talent shortfall can be solved, companies that rely on public-facing web applications for revenue generation will continue to find themselves vulnerable to DDoS attacks.