Go Online to Prevent Cyber Attacks
1. How can IT disaster recovery outsourcing help banks protect confidential customer information in case of a data center outage?
There are number of ways to protect data centres. Of the different approaches available, businesses must choose one which offers layered protections, can scale with both size and frequency of attacks and does not have an impact on performance of online assets.
2. With over five billion mobile phones coupled with internet connectivity and cloud-based applications, daily life is more vulnerable to cyber threats and digital disruptions. What are the potential threats to expect in this situation?
The proliferation of devices has had both positive and negative impact on the FSI space. Institutions have been able to reach out to a wider market in a short time with new products, but it has led to them becoming more vulnerable to attacks as well. While developing newer applications or enhancing existing ones, time to market pressures invariable shorten development cycles, thus inadvertently incorporating security glitches. This proliferation of devices also means that not all devices can be placed behind a firewall. Legacy methods of protecting assets are not effective in protecting companies in this space from cyber threats.
3. Data Security Council of India (DSCI) and the Department of Information Technology (DIT), India is the prime bodies looking towards the cyber security in India. What are the areas that need to be focused in order to bring down the cybercrime count?
One key area that I would suggest is to focus on private-public partnership, especially when it comes to sharing threat intelligence. There are multiple nodal agencies that have an interest in ensuring cyber security across India. There are also organizations such as Akamai Technologies that have a view of threat intelligence that can be leveraged in protecting critical infrastructure. Better definition of the interface with the DSCI/DIT by also increasing public private partnerships in leveraging threat intelligence should be a focus area that will help combat cybercrime more effectively.
4. What kinds of threats are being faced by the financial institutes in India? What measures need to be taken to prevent these threats?
With the financial institutions turning online, the financial and personal data of individuals are available and accessible from across devices and thus increases the risk of cyber threats. Over the last couple of years, we have observed that DDoS, web application, and DNS infrastructure attacks represent some of the most critical threats to financial institutions. As per our latest State of the Internet Security Report, between July and September 2015, there has been 180 percent increase in DDoS attacks. Cyber attackers who continually escalate the volume of their attacks may merge methods such as a network layer DDoS attack with simultaneous web application-layer and data center attacks.
To avoid attacks, financial institutions need to protect critical data and online assets fiercely.
Akamai has always advocated defence in depth while protecting business critical assets. This approach provides scale against fairly large attacks and protects businesses from threats before they reach the data center. Cloud based solutions, such as those from Akamai on the other hand, offer scale, provide availability and do not impact the performance of critical online assets and applications. Further, Akamai is able to provide valuable insights to its customers and proactively protect its customers, a change in paradigm from reactive defence postures by leveraging big data to achieve this in real time.
Big data is increasingly seen as an enabler for intelligence-led security. Akamai leverages on big data to provide cyber security solutions that reacts more effectively to mitigate security incidents, prevents potential threats with the help of enhanced situational awareness and implements a greater degree of flexibility through the analysis of data.
5. Can you share a case study where Akamai would have prevented any such cyber threat from occurring?
Akamai has always been at the forefront of defending our customers against attacks on the web. We mitigated the largest attack that we have ever seen on our platform, with traffic peaking at approximately 320 Gbps. This attack was multi-dimensional in nature, consisting of both network-layer DDoS attacks targeting the network infrastructure and a volumetric attack targeting DNS. The attack peaked at approximately 320 Gbps, mitigated by our Prolexic solution, and 2.1m DNS request/s, mitigated by Fast DNS. Akamai Technologies serves out between 15 to 30 percent of web traffic globally and we are therefore able to see multiple IP addresses which are used to launch attacks.