alphaspirit - Fotolia

Problem solve Get help with specific problems with your technologies, process and projects.

Risk & Repeat: Corero on DDoS defense in the IoT era

Listen to this podcast

In this episode of SearchSecurity's Risk & Repeat podcast, Dave Larson of Corero Network Security discusses how DDoS defense has shifted to deal with IoT threats.

It may seem odd that the smallest and least powerful connected devices would fundamentally reshape the distributed denial-of-service attack landscape, but that's exactly what happened in 2016.

Thanks to the internet of things (IoT), companies have had to rethink how they view and perform distributed denial-of-service (DDoS) defense and mitigation. The flurry of potent DDoS attacks enabled by compromised IoT devices, combined with the lack of proper security around such devices as wireless routers and DVRs, has raised concern among enterprises and governments alike.

Corero Network Security, which provides automatic DDoS defense services, is one such company that has been monitoring and reacting to new DDoS threats. Dave Larson, COO and CTO at Corero, recently spoke with SearchSecurity about his company's approach to DDoS protection and how the stakes have been raised with new, more powerful attacks.

"We think terabit [DDoS attacks] are going to be commonplace," he said.

Larson discussed Corero's discovery of a new DDoS amplification attack vector that leverages the Lightweight Directory Access Protocol (LDAP). In addition, he talked about the role of telecom service providers in the fight against DDoS attacks, and warned of potential legislation and government regulation for the insecure IoT devices used in many DDoS attacks.

"If the service provider community doesn't do something about it, they will get regulated," Larson said. "If they want to wait [for regulations], then I can guarantee it will be more costly, less effective and a waste of their time."

How can device manufacturers and service providers do a better job of addressing the DDoS problem? How are protocols like LDAP being used for new attacks? What are the best options for DDoS defense in light of these new threats? Larson spoke with SearchSecurity about those questions and more on the subject of DDoS defense. Listen to the full interview in the latest episode of SearchSecurity's Risk & Repeat podcast.

Next Steps

Risk & Repeat: Tatu Ylonen on solving SSH security woes

Risk & Repeat: Second Yahoo data breach discovered

Risk & Repeat: Avalanche crimeware as a service operation busted