SoTU Attacks Show Importance of Defense Beyond Data Center


Dr. Tom Leighton, chief executive officer of cloud service provider Akamai, said Thursday that data center defense on its own is woefully inadequate against the capacity available at the edge of the network for launching distributed attacks.

Speaking at MeriTalk’s Akamai Government Forum, Leighton discussed his company’s role in providing cybersecurity services to the White House and revealed further-reaching implications for protecting government agency assets when data centers present favorable targets to cybercriminals.

“Probably the White House is ground zero for attacks,” Leighton said. “Pretty much a lot of the attacks we see, we see them first going after the White House, just widely attacked from around the world.”

He gave a singular example, President Trump’s first State of the Union speech, for which Akamai both provided video delivery and defended against 20,000 different attacks using the same infrastructure.

“That’s very common and not one attack, but lots of people trying to block it, take it down, even better if they can switch the signal or corrupt the content somehow,” Leighton told MeriTalk in an interview. “The [Whitehouse.gov] site is obviously a big target.”

The key to Akamai’s ability to safeguard the government assets it’s charged with protecting, Leighton said, is the Kona Site Defender, which operates thousands of servers distributed throughout the world and works to mitigate distributed attacks at the source.

“When the attacks come from the edge, these IoT [Internet of Things] devices, we can absorb it and filter it and block it right where the capacity is,” Leighton said. “We have access to enormous capacity because of where those servers are located. So, we can stop this traffic before it gets anywhere near your data center, and generally before it gets anywhere near the country where your infrastructure is located.”

Leighton cited the overwhelming capacity available at the edge of the network compared to centralized data centers. The capacity at the edge of the network, distributed throughout homes and connected devices, amounts to tens of thousands of terabits per second. But at the data center level, among all the core providers? Only in the hundreds of TBps.

“If you’re defending yourself at the data center today, you’re in trouble,” Leighton said. “The bottom line is you cannot rely on data center defenses anymore, they’re just not enough. You can’t provision the capacity you need to absorb these large attacks.”

Leighton said current record-level distributed attacks could cripple many major cloud service providers entirely and are “enough to disconnect most countries from the rest of the world.” Given the available capacity at the network edge (those tens of thousands of terabits), it’s “entirely conceivable” that we could see attacks hundreds of times greater in the future, he said.

So as the government shifts its thinking on data centers, seeking closures and consolidation, adopting hybrid cloud, and handing care of assets to cloud providers, defense strategy can’t be a simple hand-off.

“The only way to defend yourself now against these large attacks is to filter the traffic at the edge of the internet where the capacity is,” Leighton said. “You’ve got to stop it right at the source, and of course the source is distributed, so you need a distributed defensive infrastructure.”

Beyond the data center, this need has come into stark focus in the government with a recent report to the President citing the growing threat of botnets. The report advocated for better IoT device security, but it seems that’s not the only consideration that needs to be made. With some time before baseline IoT security becomes commonplace, government needs to expect that the threats will continue to mount.

“This is just the tip of the iceberg,” Leighton said.
