Jeffrey Lyon: The escalating severity of the distributed denial of service (DDoS) attack threat
Black Lotus is a leading provider of availability security solutions for the mitigation of distributed denial of service (DDoS) attacks, specializing in solutions for service providers and enterprises to facilitate the defense of hosting providers, datacenters, carrier networks, and cloud infrastructure. The company maintains a global network with 480 Gbps of active DDoS mitigation across 5 datacenter locations. This robust capability gives Black Lotus the ability to filter a DDoS attack of any size on behalf of its customers.
Black Lotus is a holding of Industry Capital, a San Francisco-based private equity fund manager with $1.4 billion under management.
Rake Narang: Who are the main targets of DDoS attacks? What types of DDoS attacks are most common and how are today’s DDoS attacks more complex?
Jeffrey Lyon: What was once considered an issue isolated to the underworld of the internet is now a very real concern for every single company which uses the internet in commerce. The types of attacks which are most common will vary from one week to the next; however, the threat that is most dominant right now is a network time protocol (NTP) reflection where an attacker spoofs the IP address of its target and then sends requests to older, insecure time servers which return data at an amplification of 58.5, generally resulting in an outage to the spoofed target.
About Jeffrey Lyon
Jeffrey Lyon, CISSP-ISSMP, CISA, is a leading expert in distributed denial of service (DDoS) theory and attack mitigation strategy. He has served as the driving force behind Black Lotus' innovation for over 14 years. In 2005, he completed his Bachelor of Business Administration (BBA) in operations and information systems at The College of William and Mary and is pursuing a Master of Business Administration (MBA) in accounting. He is a co-inventor of Black Lotus' patent-pending Human Behavior Analysis (HBA) method of mitigating layer 7 DDoS attacks.
Rake Narang: How do zombies and botnets become a critical part of the threat?
Jeffrey Lyon: There are numerous methods of launching a DDoS attack ranging from direct attacks using organic resources and creating botnets of infected systems, to using the same botnets to spoof traffic taking advantage of vulnerabilities in servers using UDP protocols, such as the aforementioned NTP or the historically more common open domain name system (DNS) resolvers. Nearly all DDoS attacks rely on system vulnerabilities that the attacker can exploit to generate massive amounts of traffic.
Rake Narang: Why may a hardware firewall not be enough to mitigate DDoS attacks? What are the DDoS mitigation solutions available from your company?
Jeffrey Lyon: DDoS mitigation systems are technically firewalls that are specifically designed for the purpose of detecting anomalous traffic and preventing it from entering a network. So long as the network operator has the available bandwidth, the systems are quite effective at stopping DDoS attacks. Traditional firewalls sometimes advertise DDoS protection as a capability but are not well suited to the task. This is because the traditional firewall is a stateful appliance used to enforce a network policy, generally to prevent intrusion, which is a very resource-intensive task that prevents the system from also performing DDoS mitigation.
Company: Black Lotus Communications
1 Sansome St., Suite 1500, San Francisco, CA 94104 USA
Founded in: 1999
Public or Private: Private
Head Office in Country: United States
Products and Services: Availability security (DDoS protection)
Company’s Goals: To continue a path of global expansion in support of high performance DDoS mitigation services for service providers and enterprises.
Key Words Related to your Company: DDoS protection, DDoS mitigation, availability security