DDOS the biggest threat to cloud computing?

Stuart Corner
Monday, 07 September 2009 07:57

IT Industry - Strategy

Dobbins said that many organisations had so little understanding of DDOS that they did not even know when there had been an attack. "All they know is that the Internet has gone down. They lack visibility into what is happening in the their network and they lack control over their network. This is true of some service providers who have a whole lot of tickets from users who say their Internet is down and they never know why."

Dobbins acknowledges that for many organisations obtaining and maintaining the necessary level of expertise to guard against all security threats is very difficult.

"Networking security is afflicted by what I call the Microsoft Word problem: 90 percent of the people use only 10 percent of the features. A lot of people have bought gear with a great deal of security features built in but they never make use of them...For many organisation it is difficult to find good people. To get the level of people they need the have to spend up to a certain plateau."

This lack of expertise, he says, affects not only these organisations but leaves their infrastructure open to exploitation for the launch of DDOS attacks on others.

"There a several hundred thousand DNS servers that have been misconfigured with an open recursor. This means that a DNS server in a network can respond to queries from users on other networks. Also many service provider have not put antispoofing technology at the edges of their networks." This, he explained, meant that these DNS servers could be used to generate DDOS attacks by being instructed to send many large packets to an address of a cyber criminal's choosing.

"These constitute a botnet with an open command and control channel and [unlike traditional zombie PCs] are on networks with lots of connectivity."

Paradoxically, although Dobbins sees DDOS as the greatest threat to cloud computing, he also sees it as the potential solution for organisations grappling with the complexities of securing the network infrastructure.

"One answer is to get rid of all IT systems and hand them over to an organisation that specialises in these things. If the cloud providers are following best practice and have the visibility to enable them to exert control over their networks it is possible for organisation to outsource everything to them."

For those organisations that do run their own data centres, he suggests they can avail themselves of 'clean pipe' services which protect against DDOS attacks According to Nick Race, head of Arbor Networks Australia, Telstra, Optus and Nextgen Networks all offer such services.