Building resilience against distributed threats at government levelMay 15th, 2018
There’s no doubt that the United States is taking Distributed Denial of Service (DDoS) attacks seriously. In point of fact, the Secretary of Commerce and the Secretary of Homeland Security posted a draft report on 5 January this year, entitled ‘A Report to the President on Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats’. The report, which represents a request for comment from the industry, highlights the efforts needed to reduce the threats from automated distributed attacks.
The American Departments of Commerce and Homeland Security are pursuing three approaches, namely, hosting a workshop, publishing a request for comment (the report mentioned above), and initiating an inquiry through the President’s National Security Telecommunications Advisory Committee (NSTAC). This is aimed at collecting input from experts and stakeholders, private industry, academia, and civil society. The final draft will be based on the received comments before submission, due to US President Donald Trump on 11 May, 2018.
IT consultant and author Gary Audin says the report postulates that there are five concurrent and continuous functions that need to be applied, as follows:
- Identify and locate devices that cannot be secured.
- Protect the system and network architectures to provide additional layers of protection for any remaining high-risk devices and deploy DDoS mitigation services.
- Detect using a combination of ISP-based detection services and enterprise-operated network monitoring for both inbound and outbound malicious traffic, and identify infected devices in near real-time.
- Enterprises should have processes and procedures to contact their ISPs and anti-DDoS service providers when attacks are detected.
- Recover the enterprises ability to re-establish infected systems instead of paying ransomware to resume operations.
Against this background, it is useful to ask where we stand in South Africa in terms of government awareness of DDoS threats, and activities that should be taken to protect business and enterprises from DDoS attacks.
Bryan Hamman, Arbor Network’s territory manager for Sub-Saharan Africa, says, “Increasingly today, we are seeing that botnets – internet connected devices which have been infected with malware – are becoming a global problem. Botnets allow the attacker to access the device and its connection and can be used to perform DDoS attacks, steal data and send spam. The owner can control the botnet using command and control (C&C) software. It is arguably an imperative, then, that this initiative by a US government department to investigate DDoS attacks be put into place. Because South Africa is not immune from DDoS attacks, I would advise the necessity of investigating the issue of such attacks at government level in our country also.”
Hamman believes it is therefore heartening that ANC President Cyril Ramaphosa mentioned the pending establishment of a commission around the digital industrial revolution in his 2018 maiden State of the Nation Address (SONA).
Ramaphosa said in the SONA that, “We will soon establish a Digital Industrial Revolution Commission, which will include the private sector and civil society, to ensure that our country is in a position to seize the opportunities and manage the challenges of rapid advances in information and communication technology. The drive towards the digital industrial revolution will be underpinned by the availability of efficient networks.”
Picking up on this theme during the Gauteng State of the Province Address (SOPA) in Johannesburg on 26 February, a short while after Ramaphosa’s 2018 SONA, Gauteng Premier David Makhura also emphasised the impact that the fourth industrial revolution is having on the country’s economy in general, as well as on jobs.
Makhura noted that Gauteng as a province has “…a partnership with technology companies to train large numbers of young people in digital skills so that they can take advantage of employment and entrepreneurial opportunities in the digital economy. The fourth industrial revolution or digital revolution is upon us. It is fundamentally transforming the way we live, work and relate to one another. It offers enormous opportunities and some challenges, and we need to prepared for it.”
Hamman concludes, “We are still in the extremely early days of South Africa under the leadership of our new President, but it is heartening that, at both a national level and at the level of the Gauteng province – which is arguably the economic powerhouse of the country – we are seeing a political awareness and understanding of the importance of the digital world filtering through. At Arbor Networks, we look forward to further information on the role that the government intends to play in empowering South Africa’s future in the digital revolution, and are always prepared to offer input and support against cyber attacks as part of that digital preparedness.”
For more information about Arbor in Africa, please contact Bryan Hamman at [email protected].