The systems in place for those service providers failed under the stress and ferocity of attacks that exceed peak sizes of 1 Tbps (that’s one TRILLION bits of transmitted data per second). In fairness, the large internet service providers blown offline by these storms were hit with attack sizes and attack types using compromised Internet of Things (IoT) devices on a scale never seen before. Better anticipation of these types of threats would have gone a long way to minimizing disruption and impact as the ease of marshaling disastrous forces went mainstream. Emboldened by these successes, cyber attackers soon picked up the pace in using DDoS attacks as part of their arsenals to go after infrastructure elements beyond DNS. In a recent global research report from Neustar, a global security services provider, of more than 1,000 organizations across 13 different major industries, 84 percent reported being hit at least once with a DDoS attack. More troubling, 86 percent of those attacked acknowledged suffering multiple attacks and nearly half attributed a network breach occurred in concert with a DDoS attack.
The intensity and maliciousness of DDoS use grows every day and it is forcing organizations to shift their strategic thinking as traditional network firewalls, overreliance on ISPs, and in some cases, living in denial of attack risks are all proving to be ineffective against sophisticated attacks. Nicolai Bezsonoff, GM and VP of Security, Neustar says, “No one is immune, if your company is online, it’s a target. The question facing business leaders today is no longer ‘if’ they will be attacked with DDoS, not even ‘when’, but about how often and how bad.”
Neustar is a company that knows this threat well. It has provided global DNS and DDoS services for over a decade to many of the world’s top brands and is a frequent target of attackers. This has put the company in a forward-looking position in which the anticipation and deployment of resilient services, and the means to put down ferocious DDoS attacks, which keeps its customers up while bad actors try to bring them down.
The more the attacks come our way, the stronger our intrinsic, instinctive defenses get at mitigating them
The complexity in monitoring client sites, accelerating and maintaining their performance, and defending them from attacks is growing exponentially. In fact, the size of attacks has increased substantially in the recent times. Neustar neutralizes such attacks by deploying backup DNS services, which ensures that client systems are still accessible in the event of an attack. “We help clients by monitoring, assisting, and defending their website,” assures Bezsonoff. Towards the end of 2016, Neustar put down a half dozen 500+ Gbps (gigabits per second) attacks that culminated with a month-long battle against a sustained attacked that peaked at 700 Gbps. The company handles such frequent, high magnitude attacks by leveraging an astute defense infrastructure spanning across the globe. Being a DNS provider targeted often by DDoS attacks, Neustar has invested heavily in capacity, capability, and expertise to keep its defenses ahead of emerging threats so that Neustar and its clients stay up and running no matter what comes its way. Since January of this year, the company has quadrupled its attack defense capacity in the deployment of what is fast becoming the world’s largest, most capable DDoS mitigation platform. Soon to complete its latest expansion, Neustar will finish the first quarter of 2018 with more than 10 Tbps of mitigation network capacity that will include new, innovative methods and management disciplines to handle attacks of all types, sizes, and duration. “We are growing our capacity by a factor of 10 because we see exponential demands from our clients,” confirms Bezsonoff.
The Sterling, Virginia, based company will ultimately handle DDOS attacks using 27 globally distributed scrubbing centers comprised of massive nodes. These large nodes, some nearing 1 Tbps in capacity, provide an architectural advantage that help maintain optimal customer network performance. Distributed infrastructure allows for local scrubbing as in most cases malicious, local traffic can be neutralized faster, avoiding core network being bogged down for legitimate traffic. “An impatient internet public demands that companies not simply survive security threats, but that they thrive in spite of them. Massive, strategically located scrubbing capability and efficient management enables us to put down malicious traffic closer to source and target resulting in minimal customer network latency during attacks,” adds Bezsonoff.
Neustar’s managed DNS infrastructure is defended by its DDoS mitigation technology to build a highly flexible and secure infrastructure. In addition, the company monitors client sites from multiple points to see if they are performing as desired during both normal operations and while under attack.
The company’s solutions are platform-agnostic. Customers using Neustar products are defended across their technology deployments. The company supports both onsite and on-premise data centers, with support for multi-cloud and hybrid environments. AWS and other cloud providers are used for load-testing services. Recently, Neustar assisted one of the leading American dailies in building their defense solution by using both AWS and company's SiteProtect cloud. “Our SiteProtect cloud not only protects but also compliments AWS infrastructure. Our clients often take pride after successfully mitigating attacks on their existing AWS infrastructure and other web-facing, external sites,” explains Bezsonoff. Neustar understands that fast-ramping DDOS attacks can overwhelm Elastic Load Balancers (ELBs) as well as extend beyond AWS, especially in multi-cloud environments. It can be difficult, daunting, and dangerous to try managing DDoS protection in multiple cloud silos and ISP services across the enterprise. Neustar is distinctly capable to deliver security services that monitor, defend, and accelerate entire infrastructures and augment defense portfolios in place, 24/7.
Passion Driving the Growth
Technology and passion play a crucial role in the success of an organization and Neustar’s investments and pro-active threat management strategies are paying off. An industry veteran, Bezsonoff brings the right mix of passion and knowledge to Neustar. He believes in guiding start-ups to success, a practice that fosters new ideas and opens up a new possibility in technology space. “Our engagements with start-ups allow us to stay aligned with new and emerging technologies,” states Bezsonoff. Neustar is looking at new ways to defend its customers from rising cyber-attacks as it plans to build secure infrastructure to meet their growing expectations. This year the company is busy widening its scrubbing centers. Next year, it intends to develop a unique anti-fragile technology, which, at the core, is a collection of intelligent systems that can automatically identify and mitigate attacks quickly. Staying ahead means seeing ahead and having the experience, expertise, and passion to put the right investments in place. With the world only getting more dangerous and complex, Neustar is continuing to evolve defense technologies and strategies that help keep organizations ahead of trouble.”