May 04, 2022
What problems does DDoS Protect solve?
Distributed denial of service (DDoS) attacks are a major cybersecurity risk to businesses and enterprises need to have suitable protection against such threats. DDoS attacks are ‘distributed’ in that they are launched from multiple IP addresses spread across the globe.
Cybercriminals initiate these attacks from the IP addresses of insecure devices, including personal computers and other web-enabled smart devices. These IP addresses appear legitimate, when in fact they are puppets of cybercriminal activity, normally unbeknownst to the owner of the device. Due to this complexity in approach, it is difficult for traditional security software to respond to these types of attack.
The severity of a DDoS attack can range from a temporary shutdown of a network, to a devastating data breach in which all enterprise data is infected with malware, tampered with or stolen. Cybercriminals use creative approaches to infect company systems and this constantly changing threat is another reason why traditional anti-virus software falls short. Like an umbrella made of paper, traditional cybersecurity is no longer sufficient in providing enterprise-grade protection against modern IT threats.
In partnership with NETSCOUT, SEACOM Business gives corporate customers in South Africa the most advanced levels of cybersecurity. DDoS Protect is a product offered as part of our cybersecurity packages that are designed for large enterprises. DDoS Protect solves a number of problems, including the ability to mitigate different types of attack, thereby preventing system crashes and data breaches.
DDoS Protect mitigates different types of DDoS attack
Not all DDoS attacks are the same. Security experts generally classify them into three broad categories. However, some consider this to be an oversimplification because some are hybrids of different types of attack, or one type of attack is launched as a smokescreen for another more serious type of threat. DDoS Protect defends against all three main types, including combination attacks.
A volumetric DDoS attack is possibly the best known. This attack is designed to overwhelm the target site with very high traffic volumes, causing so much congestion that the site cannot handle these massive surges in demand. By using up the bandwidth of the target’s server, legitimate users, such as company employees or customers, lose access. The system becomes unresponsive and shuts down.
Volumetric attacks, however, can be quite obvious to cybersecurity systems, so hackers tend to launch them at more random intervals, using geographically distributed IP addresses. Often this type of attack is used to distract attention while an application-layer DDoS attack is simultaneously launched.
The third broad category of DDoS attack is a protocol-layer attack. This is an example of a low volume attack that takes place over a long period of time. Malware is used to send requests to the server; these fake requests use up the processing capacity of the network because they are never completed. Over time, as more requests come in, the network’s resources are consumed by unfinished requests.
DDoS Protection for hybrid threats
If the goal of a volumetric attack is to disable a firewall that monitors traffic, then it is possible that an application-layer DDoS attack is concurrently in progress. This targets specific applications, such as API payment systems that are stored on the company cloud. Vulnerabilities within these applications are targeted and often, these attacks can go unnoticed until it is too late and the company has fallen victim to a large-scale data breach.
Similar to an application-layer attack, protocol attacks are difficult for traditional cybersecurity software to detect because the requests appear to come from legitimate users. DDoS Protect uses automated analysis of the whole network to identify suspicious activity, including within applications and protocols.
By analysing traffic and usage patterns, machine learning technology can process massive data sets very quickly. DDoS Protect includes tools that can check if IP addresses correspond with their origin, as well as advanced scanning of network infrastructure.
Protecting workflows and data
Whichever type of DDoS attack is launched, the consequences can be devastating for a business. When networks are shut down, employees are prevented from doing their jobs and customers lose access to websites or e-commerce platforms. This results in a devastating cost to the company in terms of lost revenue and reputational damage. Not being able to access a business website or app can send customers elsewhere. What’s more, if a DDoS attack results in a full-blown data breach, customers are unlikely to entrust their personal data to that brand in the future.
South African businesses have had to take the protection of personal information much more seriously since the Protection of Personal Information (POPI) Act came into effect in 2020. There is a strong business case for keeping data safe, not only personal data but also sensitive financial records and intellectual property.
Cloud-based cybersecurity protection
DDoS Protect uses data filtering, networking analysis, traffic monitoring and reporting, as a comprehensive cybersecurity package that encompasses an organisation’s private and public networks. Constantly changing threats are no match for smart cyber intelligence that evolves with the threat landscape.
With SEACOM Business, South African businesses can choose the level of protection that suits their needs and budget, making it affordable for all companies to maintain data security. Whether on-demand or continuous protection is needed, DDoS Protect supports enterprises with flexible packages that can be updated as business requirements change.
NETSCOUT is internationally recognised as a leader in enterprise-grade cybersecurity and, through this partnership, SEACOM Business provides South African enterprises with advanced DDoS protection. For more information or to get a quote for our DDoS Protect solution, email us at marketing@seacom.com or leave us a message.
SEACOM owns Africa’s most extensive network of information and communications technology (ICT) infrastructure, including subsea cables and secure internet connections. We offer a diverse range of flexible, scalable and high-quality solutions for businesses that meet world-class standards for connectivity.
SEACOM is privately owned and operated, making it agile and adaptable to the needs of the customer. This makes us the preferred ICT and internet connectivity partner for African businesses and peripheral service providers. We can guarantee high-speed, low-latency and secure internet connections to corporates and small enterprises.
For more information on our internet and voice solutions, follow us on LinkedIn, Facebook or Twitter. Keep an eye on our news section for insightful articles and relevant news stories on African ICT, internet connectivity and our leading cloud and security solutions.
Need internet for your home? Our subsidiary, WonderNet, brings fast and cost-effective broadband internet to all Africans with a fibre-to-the-home offering.