How to protect networks in times of uncertainty
In a matter of days, alongside numerous other disruptions, the workplace has undergone a wholesale upheaval. Instead of in-person meetings, access to local networks and fileshares, and casual conversations in breakrooms, we’re spending all our time on video conferences, using home Wi-Fi networks and trying to stay in touch with colleagues in every way possible short of seeing them in person. My workplace is even hosting virtual yoga sessions with our instructor leading us through our poses over a web session. As much as I couldn’t have imagined wanting this just a few weeks ago, today it’s a welcome break from the onslaught of bad news.
Thinking back to the network, organisations to varying degrees have been accommodating and even encouraging a remote workforce for many years now, but few organisations of size have had to deal with a large majority of their employees accessing enterprise resources entirely from the outside of their office locations. Suddenly, the VPN is the central connection point for the majority of the enterprise.
But even as there are frantic attempts to ensure that the capacity of these networks is sufficient to withstand the increased demands, those of who follow the threat landscape are concerned about the risk to enterprises that are dependent on these services. One key aspect of the risk is the availability of the service.
Our past experiences lead us to the following understanding:
· Distributed Denial of Service (DDoS) attacks against the availability of Internet-based services will occur. This is not a new thing – we observed 8.4 million attacks in 2019
· The adversary, regardless of motivation, will focus on the services that matter the most at any given time. During these times, we can expect that VPN concentrators will quickly ratchet up to the top of the list of services that enterprises depend on
· Similarly, institutions that are in focus today – government agencies, healthcare organisations, financial institutions – will see a level of targeting
· The large population of disaffected people with time on their hands will contribute to this phenomenon. These are times of high anxiety for everyone and as the economic consequences are felt across our populations, it is possible that some subset of society will channel their anger online
While the individual enterprise or educational institution can’t address the causes of these attacks by itself, they can certainly prepare for the eventuality that their online services – think remote access for employees, portals for vendors and partners, online retail, educational testing – can be targeted during the times, causing further challenges during these already trying times.
There are a number of measures that everyone can take to protect against these attacks:
· Reconsider what needs to be behind the VPN – where possible use well-established SaaS-based services for productivity suites, collaboration tools etc. This will reduce the dependency on the VPN in the first place
· Establish split tunnelling and acceptable use policies – you don’t want your employees gaming on their corporate equipment and you certainly don’t want it traversing your VPN, both for the added cost but also the risk of your network getting targeted for a gaming advantage
· Run table-top exercises to understand your DDoS posture – whether you’re following best practices involving dedicated equipment and a managed service to back you up, or you’re counting on being lucky and not being targeted (I wouldn’t recommend this), it’s imperative that you have a good handle on how you expect to respond to a DDoS attack. This is vastly superior to figuring it out while you’re under attack.
We have plenty to worry about in these times and it’s unfortunate that the availability of your remote services has to be on that list, but it does. Fortunately, there are well understood means to overcome these challenges, unlike some of the other ones we confront in these times. Remote network access has vaulted to the forefront of technologies enabling the enterprise and those of us responsible for its availability need to do our best to protect them.
Hardik Modi is AVP Engineering, Threat and Mitigation Product at Netscout
In a matter of days, alongside numerous other disruptions, the workplace has undergone a wholesale upheaval. Instead of in-person meetings, access to local networks and fileshares, and casual conversations in breakrooms, we’re spending all our time on video conferences, using home Wi-Fi networks and trying to stay in touch with…
Recent Posts
- Honda unveils a series of sleek EVs for China and they’re way more exciting than anything we get in the rest of the world
- You should be playing Music League
- Razer’s Kishi Ultra gaming controller works with damn near everything, including some foldables
- Meta is adding real-time AI image generation to WhatsApp
- The 6 Best Handheld Gaming Consoles (2024): Switch, Steam Deck, and More
Archives
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011