Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!

Attack of the Foreign Botnets

June 1, 2007
Botnet attacks, often from sophisticated offshore locations, can bring down enterprise applications including integrated physical security systems working on enterprise networks.


Among the most serious threats facing the Internet today are Distributed Denial of Service (DDoS) attacks in which compromised PCs controlled by remote attackers inundate a network with the intent to crash its Web or application services. Worldwide DDoS attacks reached as many as 10,000 per day in 2006, according to a survey conducted by the Computer Security Institute.

These attacks are very easy to launch and hard to track. Furthermore, it is difficult to deny the requests of attackers without also refusing legitimate requests for service. Up to now, conventional DDoS prevention included mitigation leveraged routers, firewalls and intrusion detection systems and more recently new plug-and-play DDoS mitigation devices. But these solutions have limitations particularly in light of the size of the attacks.



CHECK WITH YOUR NET ADMINISTRATOR

Organizations can purchase these solutions themselves, and many Internet service providers offer the devices on their networks. DDoS mitigation devices employ newer intrusion prevention technology that not only inspect traffic, but also proactively mitigate attacks based on rules established by the network administrator. For example, an intrusion prevention system might drop a packet that it determines to be malicious and block all further traffic from that IP address or port while allowing unaffected traffic to flow unimpeded. Mitigation systems can perform complex monitoring and analysis, such as watching and responding to both individual packets and overall traffic patterns.
   Unfortunately, these hardware devices also have performance limitations. After they reach their limits, they allow “attack leakage” back onto the system, hurting the network. Modifying these solutions to add capacity is a slow process that can take days to weeks – far slower than the rate at which attack sizes are increasing.

In the end, the most effective prevention against DDoS attacks is to make sure they never enter a network in the first place. Increasingly many organizations are turning to service providers that mitigate massive DDoS attacks “in the cloud,” leveraging large amounts of bandwidth and racks of “scrubbing equipment.”  Managed service providers spread the cost of their resources over many customers, so they can purchase massive amounts of resources to handle the largest attacks.

The most effective DDoS mitigation service providers have global reach, and so are able to mitigate attacks near their origin.

It is increasingly common that US- and European-based companies are attacked by large botnets stemming from Asia. So it makes little sense to have gigabits of traffic travel over continents and oceans en route to a single DDoS mitigation system.  




About the Source

Security Magazine thanks Paul Sop, chief technology officer at Prolexic Technologies, for the material in this article. During his career, Sop also founded a company focused on insider threat simulation. Contact him at paulsop@prolexic.com.

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Fountain pen

Trump Administration Executive Order Changes Cybersecurity Policy

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • nozomi 4

    Tackling the challenges of detecting P2P botnets

    See More
  • cyber hack

    Europol takes down one of the most significant botnets in the past decade: EMOTET

    See More
  • election

    Director of CISA Chris Krebs says there's no evidence of foreign interference in the 2020 election

    See More

Related Products

See More Products
  • Physical-Security-and-Safet.gif

    Physical Security and Safety: A Field Guide for the Practitioner

  • databasehacker

    The Database Hacker's Handboo

  • Risk-Analysis.gif

    Risk Analysis and the Security Survey, 4th Edition

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing