Do you pass out candy on Halloween? Are you the house that gives out full-sized candy bars, or are you the home that hands out fruit? Times may have changed, but if you were the house that gave out crappy treats, you had best be prepared for the onslaught of trickery later that night, or on Devil’s Night the next year. Oddly enough, if you kept your lights out or chose not to participate in giving out candy to the neighborhood children, you were given a pass. Although we children found it bothersome that you were not giving us candy, we assumed you were either not home or unable to participate, and therefore exempt from the wrath of having un-popped popcorn kernels thrown at your screen door, eggs thrown at your garage, or toilet paper tossed over and around your front yard trees.
Those were silly times. They were fairly harmless too, but even as children we were learning to judge and sentence “the guilty” to unnecessary but inconvenient consequences. In many ways, DDoS attacks can be considered an inconvenient and unnecessary consequence of a business decision or action. That is not to minimize the effects of a DDoS attack. In fact, DDoS attacks continue to grow in size and in cost, while the barrier to initiating an attack and its associated costs get smaller.
Hacktivism is oftentimes the motive behind a disruptive attack on a corporation’s or organization’s network. The attackers determine the crime and the punishment, but unlike Halloween and Devil’s Night, these cyber activities are year-round, and are far from childish. But similar to Halloween, these attacks can oftentimes serve as a mask, allowing more nefarious activities to pervade your network and do harm at a later date, because there is a process gap in technology operations.
When the nuisance of a DoS attack becomes a true threat, most enterprises are ill-prepared to address this risk at an early stage. One reason is the inability to see what has actually occurred beyond the network disruption. Another reason is that the teams handling DoS attacks and those handling more advanced security attacks are different. Although we are starting to see alignment happening, network operations and security operations teams focus on different areas of the business function and on different areas of the IT infrastructure. In the case of DoS attacks, the network operations teams are almost always responsible for prevention and mitigation; for more advanced threats, however, the cyber security teams take control. In many instances, hackers will exploit this weakness. All the technologies in your arsenal will be rendered useless if you do not have the ability to visualize these threats, understand what is going on at and within your networks, and protect against the attacks before they do irreparable harm.
So as the network operations team proceeds to deflect or mitigate a DoS attack, be aware that this “trick” being enacted at your front door might be more of a “threat” than you are prepared to handle, or even able to see. If only it were as easy as handing out full-sized candy bars… trick or t(h)reat!
The post Trick or T(h)reat appeared first on Arbor Insights - Our People, Products and Perspective.