Recent DDoS Attack a Wake-up Call for Carriers and Customers Alike
Enterprises must demand information and accountability about how the carriers manage risk in their network.
Security experts have been warning recently that telecom carriers are becoming an emerging target for distributed denial of service (DDoS) attacks, which attempt to take down a service by flooding it with massive amounts of traffic, thereby rendering it unavailable to legitimate visitors.
On August 15, 2012, AT&T suffered a DDoS attack. AT&T told ComputerWorld that “[d]ue to a distributed denial of service attack attempting to flood our Domain Name System servers in two locations, some AT&T business customers are experiencing intermittent disruptions in service…. Restoration efforts are underway and we apologize for any inconvenience to our customers.” Details of the attack were sketchy, but the attack reportedly lasted several hours and affected enterprise customers of AT&T’s managed DNS service in the former BellSouth region.
Some wags were quick to note that AT&T apparently was not using its own DDoS protection service, which the company claims “rapidly identifies the sources and attributes of any suspicious transactions, including the newest threats. We can adapt the network behavior to mitigate their effects while valid traffic continues to be delivered, as usual, to your access router. So business continues as normal.”
It may be fun to note the irony that AT&T hypes DDoS security services even as it struggles to protect its own network. However, that should not obscure the serious security challenges facing enterprises going forward. There will be further attacks on carriers, and AT&T isn’t the only target. So how should enterprise customers respond?