How can you fend off the largest DDoS attack in history? For Microsoft, early detection and investing in software as a service was key. Read on to learn more.
By Jason Barr, Senior Director of Innovation, Core BTS
Last month, European Azure Cloud users faced the largest Distributed Denial-of-Service (DDoS) attack in history. Yet, it was business as usual for Azure Cloud customers — all thanks to Microsoft’s well thought out security protections.
For years, Microsoft has warned that cyberattacks are growing more sophisticated. Beyond predicting the future of the security landscape, the industry leader has worked hard to prevent attempted breaches before they happen.
As technology environments continue to grow more complex, we can all take note of Microsoft’s successful defense strategy consisting of early detection, effective defense of data, and depth of coverage.
Yet, no organization should entirely rely on its cloud provider for protection. Beyond the cloud, companies also need to invest in security software and services to protect themselves and equip their organizations to rapidly respond to the unexpected.
Early detection made Microsoft stand out
Over the course of just 10 minutes in August 2021, 70,000 sources across East Asia and the U.S. attempted to breach the Azure Cloud. They were unsuccessful. But this 2.4 Tbps DDoS attack was 140 percent larger than 2020’s largest attack, proving the durability of Microsoft’s platform.
At Microsoft, the Azure DDoS protection team protects the property in Microsoft and the wider Azure infrastructure. While no cloud system is infallible, Microsoft’s distributed DDoS detection can quickly scale to absorb tens of thousands of terabits of DDoS attacks in seconds.
During the first half of 2021, Microsoft reported a 25% increase in the number of attacks compared to Q4 2020. While it’s impossible for security analysts to pinpoint exactly how it blocked this particular attack, there are several key elements that contributed to its secure infrastructure:
Early detection: Early warning indicators gave Microsoft instant visibility so the company could respond and scale its systems. The sooner your software detects a breach, the less likely it will get out of hand.
Immediate mitigation: Azure’s DDoS control plane logic immediately took action when it detected the DDoS attack. By optimizing the fastest time-to-mitigation, they were able to prevent collateral damage from large-scale bad actors.
Strategic allocation of resources: Like many of its counterparts, Azure DDoS protections trigger mitigating sequences that dynamically allocate resources closer to the attack sources — and as far away from the customer region as possible.
5 steps to investing in security as a service
Security is a shared responsibility between clients and cloud providers. As you consider your options, evaluate software as a service (SaaS), key infrastructure elements, and the UX of the app or platform hosting the technology.
The more clients can push for software as a service (SaaS), the more protection and capabilities they’ll have in place. Providers like Microsoft also offer infrastructure optimization, which involves patching the infrastructure and ensuring all virtual machines are up to date. If you ask me, the app interface you’re interacting with regularly is paramount to a strong security platform. Microsoft is taking on these services to ensure they are delivering accessible and high-quality content at the tap of a button.
However, you can’t rely 100% on the cloud provider to keep you safe in today’s landscape. The responsibility also falls to you. It’s important to build strong protections, evaluate the business implications of a breach, and determine which additional security software to invest in, independently of your cloud provider.
As the bandwidth, frequency, and duration of attacks soars, here are a few key actions you can take to determine the right type of security protection for your organization.
Ask yourself “Why me?” Requirements drive decision-making. The first step in defending your data is simple: Understand the scope of your risk in the short and long term. While the industry is doing a great job informing organizations that security should be top of mind, it is equally important to determine your organization’s unique vulnerabilities.
Evaluate the business outcomes. Only 65% of organizations have a cybersecurity expert, yet the business implications of a breach can be astronomical. Remember, cyber criminals aren’t trying to steal your data. They’re trying to halt all business functions to stop revenue in its tracks. E-commerce platforms, for example, can lose millions of dollars every minute they are shut down by a DDoS. With that in mind, consider the impact of the breach on your products, supply chain, and brand visibility to make the case for better security technology.
Assess the value of your tools regularly. Security and risk management spending grew 6.4% in 2021 alone. Ever-evolving cloud capabilities come at a cost, so be sure to weigh your risk against relevant surfaces and tools. Since price models will continue to change, you should evaluate your risks and unique needs on a monthly basis.
Build a business case. Many traditional mentalities don’t view security technology as a necessary investment. Counter outdated perspectives by educating your executive leadership, providing relevant total cost of ownership (TCO) financials, and presenting return on investment (ROI) evaluations.
Establish your non-negotiables. From a security perspective, there are certain elements that are non-negotiable on the cloud. Know your business requirements, people, apps, and data to inform your security needs.
While the threat of cyberattacks is ongoing, you can reduce the risk of DDoS attack on the cloud by investing in a range of security solutions. As technology professionals, everything we do involves data. We see security threats every single day, and it’s essential to stay visible.
The next biggest DDoS attack in history is around the corner. Learn more about how to face the future head on today.
About the Author
Jason Barr is the Director of Innovation of Core BTS. He specializes in leveraging Microsoft technologies to drive digital transformation across enterprise organizations. A supportive mentor and coach, Jason has 20 years of experience helping C-Level executives and technology professionals align IT initiatives to business goals. His expertise includes IT strategy development, cloud roadmapping, project management, software architecture, and cloud architecture. Jason is also a proud Walsh University instructor, supporting their skilled workforce training program which equips businesses with practical technology solutions. Jason Barr can be reached online at https://www.linkedin.com/in/jbarr1108/ and at https://corebts.com/.
FAIR USE NOTICE: Under the “fair use” act, another author may make limited use of the original author’s work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material “for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright.” As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner’s exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.
Source: www.cyberdefensemagazine.com