When Things Attack, Turn to Cloud
Cyber. Things. Security. DDoS. These are digital disruptions; the modern equivalent of enemies at the gate, inside the wall, and hiding in the ranks. The real story is not that things have attacked (again), but that these increasingly annoying (and often successful) attacks are disrupting business and causing panic attacks that ripple across entire industries.
Harnessing distributed compute resources is nothing new, after all. Many may recall the prevalence of SETI-based distributed processing, wherein geeks across the globe kindly offered up idle CPU and memory resources on their own machines to help process the voluminous data collected by the program. In many respects, this was the earliest form of cloud computing which, when distilled down to its simplest form really is just taking advantage of “someone else’s computer.”
Whether it’s by harnessing the compute resources of the latest gadget, gizmo, or other “thing”, or those on unsuspecting consumer machines, the reality is that attackers today are capable of generating far more data to throw at an organization than is reasonable. Given that most organizations sport an average of 10-40Mbps connections to the Internet, it should be no surprise that in the face of a volumetric attack, the first thing that is overwhelmed is the network.
…by the time an attack has reached their network, the volume of traffic far outweighs their capacity and almost immediately they experience issues with network availability.
The reality of digital business is digital disruption. Just as brick and mortar had to figure out how to scale to address physical disruptions like Black Friday and Back to School sales, digital business must develop a scaling strategy to deal with these increasingly frequent and sizeable attacks.
Cloud is a reasonable and logical answer. Whether we’re talking about moving applications to a cloud environment, where scale is part and parcel of the environment, or looking to cloud-based services like DDoS protection, cloud is one of the best answers to downgrade digital disruption back to merely an annoying happenstance.
Migration of applications to the cloud affords organizations some assurance that the network will not be* overwhelmed in the face of an attack. The premise being, of course, that a cloud provider is not only distributed across the Internet, but sits so close to the Internet backbone so as to have the capacity necessary to absorb an attack.
When the attack targets a resource that cannot be or has not yet been moved to the cloud, cloud remains a good option. In this case, the ability to shift an organization’s presence to a cloud-based security service can provide relief by relying on the provider to absorb the attack traffic while allowing legitimate traffic to continue on to the data center. This option works, too, for providing protection across all applications, whether in the cloud or not. It serves as an abstraction layer that insulates organizations from ongoing changes to application location and makes it more difficult for attacks to find the source – applications – of the real gold they’re digging for, your data.
It’s not that we shouldn’t be concerned about the security of things. We absolutely should, especially if we’re in the business of providing “things” to consumers or partners. But rather than focus on how to secure just the things in the face of these kinds of attacks, we need to step back and evaluate what the real disruption to our business is and how to address that.
In the case of DDoS, that’s often network and application capacity. And cloud is a good option for dealing with a disruption that tests the limits of network and application scale.
* there are no guarantees in the land of the Internet. That’s part of the excitement, or so they tell me.