No. 1 Story

ACCC clears Optus to scrap HFC network and use NBN instead

The ACCC has cleared, provisionally, the proposed deal between Optus and NBN Co under which Optus is to be paid around $800m to shut down its HFC network and transfer customers onto the NBN. read more

More From

Popular Threads

DDOS the biggest threat to cloud computing?

Stuart Corner
Monday, 07 September 2009 07:57

IT Industry - Strategy

View Comments
Page 1 of 2
According to Roland Dobbins, solutions architect for network security specialist Arbor Networks, distributed denial of service attacks are one of the must under-rated and ill-guarded against security threats to corporate IT, and in particular the biggest threat facing cloud computing.
Arbor Networks specialises in technology designed to increase networks' ability to withstand DDOS and other attacks and it counts as its customers many of the world's major service providers, including Telstra and Optus.

DDOS, Dobbins claims, is largely ignored in many discussions around network and cloud computing security. "Most discussions around cloud security are centred around privacy, confidentially, the separation of data from the application logic, but the security elephant in the room that very few people seem to want to talk about is DDOS. This is the number one security threat facing the cloud model," he told last week's Ausnog conference in Sydney.

"In cloud computing where infrastructure is shared by potentially millions of users, DDOS attacks have the potential to have much greater impact than against single tenanted architectures," Dobbins argues. Yet, he says, "The cloud providers emerging as leaders don't tend to talk much about their resiliency to DDOS attacks."

Dobbins told iTWire: "There is a decoupling of traditional information security - which is concerned with policies and procedures - from operational security which is focussed on real time availability.

He claimed also that many organisations offering security advisory services don't include DDOS in the scope of their services. "Many of these organisations don't seem to offer an assessment that will give an organisation an understanding of how vulnerable they are to DDOS attacks. The fact that DDOS seems to fall out of scope of a lot of these assessments is an issue.

"[For example] When you look at the PCI/DSS that has been put forth by Visa and Mastercard there is not a word in there about DDOS so far as I can see. And some of the things they recommend, such as putting in a application firewall in front of servers actually increase the risk of DDOS."

Need all the latest news on telecommunications?
If telecoms is your business: you'll find in-depth, industry-specific news, analysis and commentary in ExchangeDaily
Check out a recent edition (no forms to fill in) or take a free trial

CONTINUED


Start 1 2 Next 

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases