The more businesses are keeping data online, the more opportunity for cybercriminals to attack. And, since digital isn’t going anywhere, businesses are forced to take measures to protect themselves from all manner of cyberattacks.
One particularly popular and nasty cyber attack is a distributed denial of service, or DDoS. When an organization, or group of organizations, are victims of a DDoS attack, it means hackers from anywhere in the world send enormous amounts of useless data to their target. All of that garbage data overwhelms the target’s servers to the point where the target can no longer accept incoming requests. Eventually the network and servers slow to a crawl or, in some cases, shut down completely. In recent attacks, the endpoints went beyond laptops and PCs to all manner of connected, or IoT, devices such as baby monitors and printers.
These attacks show no signs of slowing down. In fact, according to leading content delivery network (CDN) services provider, Akamai, DDoS attacks greater than 100Gbps increased by 140% year-over-year in just the last quarter of 2016.
While organizations are continuing to spend huge amounts of money to combat these attacks, the answer may be in a new direction. A recent article in information age asks if it is time for software and hardware manufacturers to consider using standards to address security risks in the IoT.
“One key standard is the Open Trusted Technology Provider Standard, or O-TTPS, which addresses these issues around supply chain security and product integrity. Recently approved as ISO/IEC 20243, this set of best practices can be applied from design to disposal, throughout the supply chain and the entire product life cycle.”
These types of standards try to mitigate tainted and counterfeit hardware from even coming into the supply chain. That way, they’ll never have the opportunity to get into Internet connected devices. Within the standard there is a process for vulnerability analysis and notification of newly discovered and exploitable product weaknesses requirements that can catch risk areas. Then, these attacks can be blocked or slowed and significantly reduce the damage done.
While, as the article states, standards can’t categorically prevent the inception of DDoS attacks, what they can do is mitigate their effectiveness and limit their economic damage.
“Further steps need to be taken in the form of collaboration, whereby we reach a point where we can recognize which technology and technology providers can be trusted and which cannot. But adhering to global standards provides a powerful tool for technology providers and component suppliers around the world to combat current and future DDoS attacks.”
While we know standards aren’t the golden ticket to a future free of cyber attacks, they can certainly be a step in the right direction. This is especially true of those created in a collaborative environment and adhering to our Modern Paradigm for Standards.
Do you think standards could be the answer to slowing down the progression of DDoS attacks?
If you’re interested in learning more about OpenStand, check out our OpenStand infographics.