COMMENT: The DDoS threat to service provider networks

How the telecoms sector is facing the DDoS attacks in the region
Mahmoud Samy, regional director High Growth Markets (Russia, CIS and Middle East) at Arbor Network.
Mahmoud Samy, regional director High Growth Markets (Russia, CIS and Middle East) at Arbor Network.


DDoS attacks against customers remain the number one operational threat to service providers, although attacks against infrastructure continue to grow in prominence, According to Arbor Networks 10th annual Worldwide Infrastructure Security Report, released earlier this year. Let’s examine why.

At the beginning of 2014 we saw a dramatic increase in DDoS attack activity with possibly the most concentrated storm of large attacks that has ever been seen on the Internet. The majority of these attacks leveraged a reflection amplification technique using the Network Time Protocol (NTP), Simple Service Discovery Protocol (SSDP) and DNS servers, with large numbers of significant attacks being detected all around the world.

Reflection amplification is a technique that allows an attacker to both magnify the amount of traffic they can generate, and obfuscate the original sources of that attack traffic. This technique relies on two unfortunate realities: firstly, around a half of service providers do not implement filters at the edge of their network to block traffic with a ‘forged’ (spoofed) source IP address; secondly, there are plenty of poorly configured and poorly protected devices on the Internet providing UDP services that offer an amplification factor between a query sent to them and the response which is generated.

Just how dramatic has been the increase in DDoS attack size? Globally, DDoS attack size has grown 4,900 percent in past 10 years. The Middle East region follows the global trend in both attack size and the use of various reflection amplification techniques.

Mid-East DDoS Attack Overview

Very few enterprises can withstand DDoS attacks of this size. In turn, they are increasingly looking to their service providers for DDoS mitigation support. This has led service providers to invest in and launch DDoS mitigation services. Etisalat, STC, Ooredoo, Fasttelco and Omantel are but few examples of some regional providers who have recently launched a DDoS mitigation service for their enterprise customers.

With attacks approaching 100Gbps in the region, and 400Gbps globally, DDoS also poses a significant operational threat to the availability and performance of service provider networks. This unwanted, malicious traffic takes up bandwidth meant to carry legitimate IP-based services to customers. It can impact both the quality and availability of these services. It is in the provider’s interest to mitigate this traffic, free up bandwidth for legitimate, revenue generating services.

The bottom line is that DDoS has remained a resilient attack method for more than a decade. With the recent explosion in DDoS attack size, it presents a significant operational threat to enterprise networks that rely on Internet connectivity for revenue generation, as well as back office applications that the business relies on, such as email, sales force automation, CRM and others. For service providers, DDoS represents both a challenge, and an opportunity.

The challenge is mitigating these attacks so they can deliver high quality, revenue generating services their customers rely on. The opportunity is to meet a clear need of their customers, by delivering DDoS mitigation services.

Mahmoud Samy is regional director High Growth Markets (Russia, CIS and Middle East) at Arbor Network.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.

Editor's Choice

Emerson expands analytics platform for industrial enterprise-level wireless infrastructure management
Plantweb Insight platform adds two new Pervasive Sensing applications that manage wireless networks more efficiently with a singular interface to the enterprise
Digitalisation seen as a competitive advantage by Middle East private businesses
Nearly 80 per cent of private business leaders acknowledge that digitalisation can impact business sustainability
Etisalat introduces Multi-Access Edge Computing architecture delivering best-in-class video streaming performance for 5G networks
MEC architecture achieves performance gains of as much as 90% in video streaming, validating how ultra-low-latency applications will be delivered over 4G and 5G networks

Most popular

Don't Miss a Story