Volumetric DDoS attacks using hijacked IoT devices are growing at an alarming rate. There are billions of IoT devices worldwide so no lack of soldiers to muster for an attack. But what’s changing, and what’s leaving networks exposed, is that these attacks are increasingly being sourced from IoT devices that are all located in the vicinity of the attack target. This is changing the dynamic of how network operators and security teams can protect their network infrastructure.
These people, who are charged with keeping the pipes of the internet clean and functioning 24/7, care greatly about having the most immediate and effective tools available to defend themselves. They care that IoT devices are left unsecured and available to botnets. They really care that IoT attacks are changing to being more localized. And for this reason, they care about an update to our Red Armor family of products: the GigaFilter – a new weapon in the war against large DDoS attacks delivered by botnets that use hijacked IoT devices. They instantly, fundamentally understand what GigaFilter can accomplish.
GigaFilter is a feature that is controlled through REST on all Corsa NSE7000 products. It allows or denies traffic originating from 4 billion IPv4 addresses, allowing precise elimination of each desired IPv4 address. It is an immediate response to an IoT attack. When the feature is triggered, traffic allow/deny takes place in <1ms which is orders of magnitude faster than current operational models. Traffic forwarding performance is always maintained regardless of the number of IP addresses filtered.
We’ve added this capability specifically to deal with the changing DDoS scene where the first D isn’t necessarily describing the new type of IoT attacks that are brewing. ‘Distributed’ might not necessarily characterize hijacked IoT devices and networks need to be able to handle this.
Let us know what you think.