Experts on Web application security gathered recently at a seminar organized by Dimension Data and Check Point to discuss serious business implications of Distributed Denial of Service (DDoS) attacks if not properly addressed by enterprises.
The conference was organized by Computerworld Hong Kong in partnership with Internet security company Check Point, and IT services and solution provider Dimension Data. The objective was to openly discuss and find collaborative efforts on the growing number of DDoS attacks experienced by large to medium enterprises worldwide, resulting in huge amount of business losses and the profound dent on the corporate image of top global companies.
Web applications are significantly on the rise, according to Billy Ng solutions architect at Dimension Data. And they are being developed and adopted by companies to facilitate interactive interfaces via the Internet for their target markets.
"It provides best user experience, reduce business operating cost but since its available 24/7, it is vulnerable to attacks and hacks that could result in both intangible and tangible business losses," Ng said.
According to the Open Web Applications Security Project (OWASP), an international and open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted, Web applications of all kinds have in recent years increasingly become the target of hacker attacks.
It added that the attackers are using methods which are specifically aimed at exploiting potential weak spots in the Web application software itself - and this is why they are harder to detect, or are not detected with sufficient accuracy, by traditional IT security systems such as network firewalls or IDS/IPS systems.
DDoS is a type of DOS attack where multiple compromised systems -- which are usually infected with a Trojan -- are used to target a single system causing a Denial of Service (DoS) attack. Victims of a DDoS attack consist of both the end targeted system and all systems maliciously used and controlled by the hacker in the distributed attack.
In a DDoS attack, the incoming traffic flooding the victim originates from many different sources -- potentially hundreds of thousands or more. This effectively makes it impossible to stop the attack simply by blocking a single IP address; plus, it is very difficult to distinguish legitimate user traffic from attack traffic when spread across so many points of origin.
Challenges in addressing DDoS attacks
Calvin Ng, Country Manager Hong Kong & Macau, Check Point reiterated during the conference that the challenge faced by most enterprises in addressing DDoS is not only coming from threats outside their network, but can also be internal.
"Today, 60% of businesses are generated via the Internet which makes it crucial for us to create a collaborative network to address cyber attacks," Ng added.
Sign up for CIO Asia eNewsletters.