The IT Pro Podcast: Inside the DDoS arms race

Cyber attacks are something that every business worries about on a near-constant basis - but while DDoS attacks may not make it onto many CISOs lists of the most worrying threats, they remain one of the most prevalent types of attack - partly because they’re dangerously easy to launch.

The scale and speed with which DDoS attacks can be launched is lowering all the time, too, thanks to the spread of IoT-driven botnets and the rise of DDoS-as-a-service vendors. One of the companies on the front line of defending against this threat is Cloudflare, and in this episode of the IT Pro Podcast, we’re joined by Cloudflare CTO John Graham-Cumming to discuss the tactics used to mount these attacks, and why they’re never really going to go away.

Highlights

“If you think back a few years, when you think about DDoS, it was often just that the website was not online for a business. And at a time when websites were primarily marketing tools, almost a brochure, it mattered from a reputation perspective and some loss of business. But of course, we've switched to using the internet for pretty much everything. I mean, look at us talking like this over the internet and schooling and working from home and ordering lunch. And you imagine the myriad of things we do on the internet; all of those things are vulnerable to DDoS attacks.”

“We built our systems up so that they can detect and mitigate this stuff, automatically. And from a capacity perspective, because we built the network to be very, very large, we don't worry about the size of attacks. Obviously, we worry in the sense of planning for bigger and bigger attacks, and making sure we have the infrastructure in place, making sure our systems are working… but in both the case of the two terabit per second attack, and in the case of the 17 million requests per second attack, those are just automatically mitigated.”

“We see continuous attacks of all sizes, and it seems to be growing, unfortunately. I had kind of hoped this problem would slow down, but it doesn't seem to be doing so. Sadly, DDoS is just part of what we deal with. It's almost like it's the background noise of the internet, there's always some nonsense going on.”

Read the full transcript here.

Footnotes

• NCA site hit bit Lizard Squad following arrest of six teenagers
• What is a DDoS attack?
• DDoS attacks are crippling UK VoIP operators
• DDoS attacks are still a key weapon for corporate extortion
• Microsoft mitigated 'largest ever' 2.4Tbps DDoS attack
• Owner of DDoS for hire sites found guilty of hacking offences
• Global ransom DDoS extortionists are retargeting companies
• How to stop a DDoS attack
• Australia internet banking outage blamed on DDoS mitigation service
• Oracle joins Cloudflare's Bandwidth Alliance
• Major AWS outage knocks a host of services offline
• Hackers use WebSVN to deploy new Mirai malware
• Colonial Pipeline hack spurred copycat attacks on other oil and gas companies
• Anonymous DDoS attacks cost PayPal £3.5m, court hears
• ICO website taken down by Anonymous DDoS attack
• What is a botnet?
• Botnet targets vulnerable Microsoft Exchange servers
• IoT botnets are on the rise and 5G isn’t helping anything
• Europol takes down 'dangerous' Emotet botnet
• New Mirai variant spotted targeting network devices
• Was Mirai malware behind Dyn DDoS attack?
• Oracle calls time on DNS specialist Dyn
• Practicality of UK government’s cyber bill criticised by industry experts

Subscribe

• Subscribe to The IT Pro Podcast on Apple Podcasts
• Subscribe to The IT Pro Podcast on Google Podcasts
• Subscribe to The IT Pro Podcast on Spotify
• Subscribe to the IT Pro newsletter
• Subscribe to IT Pro 20/20