As evidenced by the massive DDoS (distributed denial-of-service) attack in October that affected Netflix, Twitter and others, even large Internet-based companies are vulnerable to cyber-crime on a large scale. The Mirai botnet, whose source code is now available online, is credited with powering what’s been called the largest volumetric DDoS attack of its kind in history.
Mirai is the open-source DDoS toolkit that spread self-propagating malware responsible for overwhelming large servers across at least two continents. The malware simply exploited known vulnerabilities in the aging DNS (Domain Name System) technology that underpins the Internet’s equivalent of a phone book.
More Botnet Attacks Probable
Many prominent voices in the cybersecurity arena warn that DDoS attacks, already on the rise, are likely to proliferate as botnets spread. After the source code for Mirai was released earlier this fall, other attackers modified and began deploying it for themselves. Moreover, numerous botnets are available for rent on the Darknet.
In addition, easy access to such DDoS “recipes” virtually assures new exploits sprouting across the Internet of Things (IoT) landscape, seeded as it is with marginally secured gadgets meant to simplify life. Ironically, many of the most vulnerable devices, such as Internet cameras, are marketed to make our homes and offices safer.
Unfortunately, enterprises are top targets for DDoS attackers. At the same time, enterprise IT is increasingly budget-strapped, working at capacity maintaining basic operations.
Perhaps more concerning, according to Frost & Sullivan’s Michael Suby, “What is certain in cyber-attacks is uncertainty; the element of surprise serves attackers well.”
So, what are today’s businesses, particularly those in the middle of the market, budget- and staff-wise, to do?
Too Much Risk, Too Many IT Limitations
Midmarket businesses, chiefly those with multiple locations, need alternatives to better protect themselves from the increasing number, type and sophistication of cyber-attacks. To complicate matters, businesses also are dealing with software “patch fatigue.”
Enterprises often are unable to keep up with the sheer volume of software patches required to secure their networks, digital assets and IT infrastructure against cyber-criminals. Hackers know this, and are relentless in fielding DDoS and other exploits that prey on vulnerabilities too frequently opened by unpatched, poorly configured or outdated software.
For this reason, my colleagues and I are seeing more businesses opting to outsource managed security. Many of our customers are finding they can meet compliance requirements without impacting IT operations, all while saving money, through managed security services (MSS). A few commonly occurring challenges, and their MSS counters, illustrate how and why North American businesses are more readily embracing outsourced cyber security.
Challenge 1: Lack of technical know-how, qualified staffing and infrastructure to avert or remediate security breaches.
Solution: MSS can prevent unauthorized access to network infrastructure. The provider will ensure secure use of the customer’s IP-VPN. The benefits include:
> Assured compliance with regulatory requirements for network security.
Challenge 2: Threat of high revenue loss and loss of competitive position associated with data breaches.
Solution: Corporate websites are cyber-hardened through MSS against DDoS and other intrusions. Attacks that do occur are mitigated, returning operations to normal in minutes. The benefits include:
> One point of contact to prevent or immediately address the gamut of increasingly complex threats.
> Round-the-clock expertise dedicated to monitoring and managing the enterprise’s cyber security.
Challenge 3: Rising costs for security management and technology.
Solution: Outsourced security services reduce total cost of ownership (TCO) while safeguarding networks. In-house IT personnel can be more productive focusing on core operations. The benefits include:
> Avoiding additional hires to ensure proper network protection.
> Reducing downtime, productivity impediments and revenue loss due to a security breach that compromises data.
Finding the Right MSS Fit
In light of the challenges summarized above, some managers resist MSS solutions for two primary reasons. First, they are concerned about relinquishing control over network processes. Second, they are skeptical about cost-benefit claims. MSS providers, including XO Communications, are well equipped to address these concerns, point for point, to offer a level of return that can exceed norms typically seen in network services.
Costs for managed security services vary enormously depending on factors that include type of DDoS services required, geographic scope and number of locations, and technical complexity of the systems involved. Given the wide range of variables MSS can entail, industry analysts often focus on total cost of ownership (TCO) to help businesses weigh costs against services provided. Enterprise due diligence that includes analyst evaluations is more likely to capture a fuller picture of a provider’s merits. To illustrate, Frost & Sullivan’s Michael Suby evaluated XO Communications recently, concluding:
“The cost of mitigating volumetric DDoS attacks doesn’t have to be another painful layer of uncertainty. We applaud the cost structure of XO Communications’ DDoS mitigation service as a stable percent of the customer’s access line monthly recurring fee. If, for example, a DDoS attack starts at 10 Mbps and escalates to 100 Mbps, the cost to keep your protected websites open for business does not go up.”
At the end of the day, managed security services can make strong ROI sense. Better security that safeguards sensitive data need not represent a luxury that only the wealthiest of businesses can afford.
Hawley Hansen is senior manager for product management with XO Communications.