Takahiro Kouke, Country Manager - Japan, Radware
The threat of a Distributed Denial of Service (DDoS) attack has become one of the top security issues threatening business operations today. Beside information leakage, a DDoS can disable or delay servers and bring business infrastructure to a grinding halt. And for the healthcare industry, these issues can mean much more than a loss of revenue or negative impacts on the company’s brand. These outages can literally mean life-or-death.
In Japan, there have been several recent attack campaigns launched by the hacktivists group, Anonymous. “Hacktivists” is the coined word for activists that use hacking as their means of protest. They target not only specific industry ‘offenders’, but they also target public sectors and other organizations not directly related to their principles. In some regions, they have even attacked children’s hospitals in protest over custody disputes, threatening to severely hinder many of the hospitals’ network-based clinical operations.
Another increasingly popular type of attack is a “ransom” attack. The word “ransom” reminds us of the threat “ransom ware,” when malware encrypts data saved in the disk and asks for the money to decrypt it. However, ransom is no longer just malware. “DDoS for Ransom” has grown exponentially since last year both in Japan and around the globe. The victims first get a ransom email that says “Pay this amount of bit coin or you will be attacked with a huge volume of DDoS, then your services will all be dead. To show we are serious, we will start a short DDoS now.” Because this sort of attack tends to reach up to 500Gbps, typical perimeter protection products (e.g., Firewalls or UTM) don’t work. This type of attack has also become a common tactic targeting healthcare providers. In the United States, a series of attacks targeted hospitals and other healthcare providers, requiring payment in order to unlock encrypted traffic or avoid a huge volume DDoS attack. Part of what is contributing to the exposure for healthcare providers is an increase in new Internet of Thing (IoT) devices being used to deliver care. Many of these devices are manufactured by companies with little or no experience in creating secure software.
What is needed to prevent damage caused by those modern attacks? One of the key strategies is leveraging the “cloud”. Like DDoS for ransom, the huge volume of attacks that choke the Internet connection is too much for organizations to handle. In such cases, the traffic should be re-routed to special datacenters with enough capacity and purpose-build technology to handle high volume traffic and clean it. Those datacenters are called “scrubbing centers” as it removes dirty packets. Then, organizations can receive legitimate traffic only. All scrubbing is done on the cloud, regardless of whether the client chooses a non-demand or always-on service.
However, Anonymous usually uses DDoS tools to saturate system resources, like memories and buffers on the servers or network devices. This requires another solution. These sorts of attacks are usually detected with on-premises devices but recently we have made that service available in the cloud as well.
Using DDoS protection as a service brings you several benefits. First, it doesn’t require upfront CAPEX and allows companies to manage these costs as OPEX. Second, it fits to the organizations migrating on-premises servers to clouds. Cloud security provides the same level of security policy to both remaining on—premises and on the cloud servers. Third, it is management free. IT employees don’t have to configure or update technology when there are new releases or new threats discovered. It is automatically done on the cloud so IT employees can concentrate on other important projects. Radware recently launched “Cloud Security Services” that protect against those security challenges. Highly tuned services with a highly skilled professional service team will protect you from modern DDoS attacks that threaten your business.
Attacks are evolving. Threats are evolving. Healthcare companies that want to ensure protection of sensitive, private patient data and ensure continuity of operations need to be proactive. So, all that is need is to make use of cloud benefits and get ready for today’s threats.